Tag Archives: Computing

Important Scam Warning – altered BSB & Account on valid invoices!

Please note that the Chamber has verified that this is a real scam suffered by a business in Harvey so please take a few moments to read this post.

We’ve had a notification of scam known in the UK and now being applied in WA via electronic invoicing, where a scammer has intercepted and altered large monetary value invoices being sent to customers. The invoices are then on sent to the customer, with an altered BSB & Account number and email contact, and subsequently paid by the customer – who inadvertently pays the scammer instead of the supplier.

You can prevent this by implementing the following procedures:

  • Store your known & confirmed supplier bank details in your electronic bank payments – most internet bank accounts allow this. When paying invoices always check that invoice bank details are the same as your stored details.
  • Only change them when you are sure the change is a valid request from your supplier.
  • Always look carefully at large value invoices to ensure they are a) genuine, b) for a known service that you have ordered and c) carry the original known bank details.
  • Check the contact email address carefully to ensure that its not a .net or .org when it should be a .com or .com.au
  • Always send a confirmation email to your supplier to alert them that your invoice has been paid as this shortens the cycle dramatically for the scammer which could enable banks & authorities to retrieve misappropriated funds.
  • If you receive notification from a customer that a large bill has been paid but can’t see the funds follow it up immediately with the customer as your outgoing email may have been compromised.
  • If you suspect you have received an altered invoice or that one has been sent in your name, contact authorities immediately on WA ScamNet at Consumer Protection by calling 1300 30 40 54 or emailing: scamquery@commerce.wa.gov.au.

For more information see these articles:

And finally before you ask – yes the Chamber has changed its bank account details! Our new account is still at the Bendigo Bank so same BSB 633-108 but new account number of 149739567. If you require further confirmation call me on 9756 2776, thanks Mel.

Phone Calls from ‘Microsoft Support’ resurface

One of our Chamber members contacted us late last night having been rung at home by a member of ‘Microsoft Support Service‘ to tell them that hackers had managed to target their PC and were actively stealing details from it. Our member was very concerned but remembered advice circulated last year about scam calls to home PC users and declined to follow the callers instructions.

In a new twist to this scam, 5 minutes later they received a call from Pamela Collins of Quantum PC Support in Melbourne giving her ‘company ID and a Melbourne phone number reiterating that thieves were accessing their PC and stealing banking & personal information. She talked about error & warning messages appearing on the PC screen and instructed our member to visit a website where they could download a program that would stop the thieves activity.

Luckily, our members PC was switched off at the time so they declined and rang us instead.

We decided to investigate the call further & rang Pamela on the number she had given. Although being a Melbourne code, the number was a Skype Number that redirected to a call centre in the US. We asked for Pamela who confirmed her company ID but when we asked her about her call to our member she transferred the call to a senior consultant – ‘Joe Watson’.

We asked for the location of the company & were told they were at 128, St Kilda Road, Melbourne. A quick check on Google Street View showed this to be a shop belonging to Daryl Collins Communications. We asked ‘Joe’ if this was their premises as we knew the area but he then said they were actually located a few  streets away near a girls school & declined to give another address.

We asked him for the technical background to the problem, he said the “Internet Infections are being loaded into the applications area of the PC, an area that anti-virus programs don’t check”.

We then pressed him on why they called this particular member of the public about problems with their PC. He said our member was just selected at random as they were calling ‘everybody‘ to warn them of computer virus’s and offer help to ‘fix’ the problem.

A number of points come out of this event:

  1. The aim of this scam is to encourage PC owners to visit a website & download ‘support’ software that will give this group full remote access to your PC. They will then charge you to ‘fix’ problems.
  2. By calling in the evening when it’s unlikely you have anyone you can ask for advice, they are relying on frightening you into following their instructions.
  3. Transferring your call from an Australian Skype number to an overseas call centre is likely to make any Federal Police investigation more difficult.
  4. If you receive one of these calls, don’t follow the instructions no matter how much they try to convince you of the immediate threat. Make notes of everything the caller tells you including contact details and seek advice.

There are a number of Internet resources and stories behind this scam:

Advice & Guidance:

Reported Call’s that match this profile:

 

If you have any doubt or worries, don’t keep them to yourself – seek advice. Please contact one of the Chamber of Commerce IT Business Members listed in the Business Directory.

Article Sponsored by Westcountry Web Services

If you would like to contribute an article to the Business Chamber, please contact the Chamber Secretary.

 

Phishing for Business?

Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.

It can be a big problem for businesses as staff are often caught out by emails they think are legitimate but which often turn out to be far from it!

Take a look at this one:

Does this look real?

;

The Chamber Secretary received this email reportedly from the ANZ Bank. While the logo is right and the copyright notice seems to suggest it’s legitimate, a quick look behind the text shows that that clicking on LOG IN takes you to a server in Russia!

Not the LOG IN you expected?

While it’s easy to say don’t click on any link in a banking email, you can see how easy it is to be fooled. The writer even used the ANZ logo, linked to the genuine ANZ website.

By clicking on the link, you will no doubt end up on a website that either mimics the banks login page in order to obtain your account details or holds malicious code that may well infect your computer. Either way, its not the best way to start your day.

Luckily, this email was spotted by Norton Spam Filter which removed the active link & placed it in the Spam folder, is your PC anti virus up to date or are you relying on luck?

——————————————————————————————————-

An article from Westcountry Web Service. If you are a chamber member and would like to contribute an article, please email the Chamber Secretary.