Tag Archives: Phishing

Scammers targeting small business and “tradies”

The Small Business Development Corporation (SBDC) is today warning tradies and other small businesses advertising in local newspapers and trade publications, to be aware of scams involving bogus invoices and demands for payment.

SBDC Chief Executive Officer, David Eaton says scams of this type prey on busy small business operators, and those who do not have structured payment systems in place.

“Many small business operators, particularly self-employed tradespeople, are busy working in their businesses and are time-poor when it comes to paperwork,” Mr Eaton said.

“This can leave them vulnerable to scams where payment of invoices for unauthorised advertisements is demanded, so if you’re not sure ask for your authorisation”.

Commissioner for Consumer Protection, Anne Driscoll says many businesses have been cold-called by people claiming to represent a variety of publications and demanding payment for advertising in those publications.

“Investigations are continuing into these reports and we would like to warn all businesses to be aware of these unsolicited approaches,” Ms Driscoll said.

The SBDC has been contacted by the Community Newspaper Group concerned that scammers may be targeting their valued classified advertising clients in these deceitful practices.

Christine Sutherland, Sales Director for the Community Newspaper Group said the paper’s trades and services section may have been a target in this current wave of scams.

“We have had reports from a couple of our customers regarding this scam and that the callers, in an effort to lure them in, have pretended to be from the Community Newspaper Group,” Ms Sutherland said.

We would like to inform all of our customers, that if they have any doubts or concerns that the person they are talking to, who is claiming to be from the Community Newspaper Group, may not be who they say they are, simply take their name and call us on 13 20 13 to resume the conversation.  That way you can be sure the caller is bona fide.”

For more information and advice, contact: the Small Business Development Corporation on  13 12 49  or visit www.smallbusiness.wa.gov.au; Consumer Protection on 1300 30 40 54 or consumer@commerce.wa.gov.au

and the WA ScamNet website: www.wascamnet.wa.gov.au .

Important Scam Warning – altered BSB & Account on valid invoices!

Please note that the Chamber has verified that this is a real scam suffered by a business in Harvey so please take a few moments to read this post.

We’ve had a notification of scam known in the UK and now being applied in WA via electronic invoicing, where a scammer has intercepted and altered large monetary value invoices being sent to customers. The invoices are then on sent to the customer, with an altered BSB & Account number and email contact, and subsequently paid by the customer – who inadvertently pays the scammer instead of the supplier.

You can prevent this by implementing the following procedures:

  • Store your known & confirmed supplier bank details in your electronic bank payments – most internet bank accounts allow this. When paying invoices always check that invoice bank details are the same as your stored details.
  • Only change them when you are sure the change is a valid request from your supplier.
  • Always look carefully at large value invoices to ensure they are a) genuine, b) for a known service that you have ordered and c) carry the original known bank details.
  • Check the contact email address carefully to ensure that its not a .net or .org when it should be a .com or .com.au
  • Always send a confirmation email to your supplier to alert them that your invoice has been paid as this shortens the cycle dramatically for the scammer which could enable banks & authorities to retrieve misappropriated funds.
  • If you receive notification from a customer that a large bill has been paid but can’t see the funds follow it up immediately with the customer as your outgoing email may have been compromised.
  • If you suspect you have received an altered invoice or that one has been sent in your name, contact authorities immediately on WA ScamNet at Consumer Protection by calling 1300 30 40 54 or emailing: scamquery@commerce.wa.gov.au.

For more information see these articles:

And finally before you ask – yes the Chamber has changed its bank account details! Our new account is still at the Bendigo Bank so same BSB 633-108 but new account number of 149739567. If you require further confirmation call me on 9756 2776, thanks Mel.

Phone Calls from ‘Microsoft Support’ resurface

One of our Chamber members contacted us late last night having been rung at home by a member of ‘Microsoft Support Service‘ to tell them that hackers had managed to target their PC and were actively stealing details from it. Our member was very concerned but remembered advice circulated last year about scam calls to home PC users and declined to follow the callers instructions.

In a new twist to this scam, 5 minutes later they received a call from Pamela Collins of Quantum PC Support in Melbourne giving her ‘company ID and a Melbourne phone number reiterating that thieves were accessing their PC and stealing banking & personal information. She talked about error & warning messages appearing on the PC screen and instructed our member to visit a website where they could download a program that would stop the thieves activity.

Luckily, our members PC was switched off at the time so they declined and rang us instead.

We decided to investigate the call further & rang Pamela on the number she had given. Although being a Melbourne code, the number was a Skype Number that redirected to a call centre in the US. We asked for Pamela who confirmed her company ID but when we asked her about her call to our member she transferred the call to a senior consultant – ‘Joe Watson’.

We asked for the location of the company & were told they were at 128, St Kilda Road, Melbourne. A quick check on Google Street View showed this to be a shop belonging to Daryl Collins Communications. We asked ‘Joe’ if this was their premises as we knew the area but he then said they were actually located a few  streets away near a girls school & declined to give another address.

We asked him for the technical background to the problem, he said the “Internet Infections are being loaded into the applications area of the PC, an area that anti-virus programs don’t check”.

We then pressed him on why they called this particular member of the public about problems with their PC. He said our member was just selected at random as they were calling ‘everybody‘ to warn them of computer virus’s and offer help to ‘fix’ the problem.

A number of points come out of this event:

  1. The aim of this scam is to encourage PC owners to visit a website & download ‘support’ software that will give this group full remote access to your PC. They will then charge you to ‘fix’ problems.
  2. By calling in the evening when it’s unlikely you have anyone you can ask for advice, they are relying on frightening you into following their instructions.
  3. Transferring your call from an Australian Skype number to an overseas call centre is likely to make any Federal Police investigation more difficult.
  4. If you receive one of these calls, don’t follow the instructions no matter how much they try to convince you of the immediate threat. Make notes of everything the caller tells you including contact details and seek advice.

There are a number of Internet resources and stories behind this scam:

Advice & Guidance:

Reported Call’s that match this profile:

 

If you have any doubt or worries, don’t keep them to yourself – seek advice. Please contact one of the Chamber of Commerce IT Business Members listed in the Business Directory.

Article Sponsored by Westcountry Web Services

If you would like to contribute an article to the Business Chamber, please contact the Chamber Secretary.

 

Phishing for Business?

Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.

It can be a big problem for businesses as staff are often caught out by emails they think are legitimate but which often turn out to be far from it!

Take a look at this one:

Does this look real?

;

The Chamber Secretary received this email reportedly from the ANZ Bank. While the logo is right and the copyright notice seems to suggest it’s legitimate, a quick look behind the text shows that that clicking on LOG IN takes you to a server in Russia!

Not the LOG IN you expected?

While it’s easy to say don’t click on any link in a banking email, you can see how easy it is to be fooled. The writer even used the ANZ logo, linked to the genuine ANZ website.

By clicking on the link, you will no doubt end up on a website that either mimics the banks login page in order to obtain your account details or holds malicious code that may well infect your computer. Either way, its not the best way to start your day.

Luckily, this email was spotted by Norton Spam Filter which removed the active link & placed it in the Spam folder, is your PC anti virus up to date or are you relying on luck?

——————————————————————————————————-

An article from Westcountry Web Service. If you are a chamber member and would like to contribute an article, please email the Chamber Secretary.