The latest figures reveal phishing is a practice that is only becoming more and more widespread. Phishing was the most reported scam to Scamwatch in 2022, with the government website recording 74,573 complaints — a 4.6 per cent increase on the previous year. In 2022, the total financial losses from phishing reported to Scamwatch and the Australian Financial Crimes Exchange totalled $157.6 million.
Advances in machine learning and AI have made it harder to detect phishing scams.
The success of a phishing scam hinges on manipulating the emotions and behaviours of a potential victim.
Urgent calls to action requiring a victim to pay off an outstanding tax debt or reactivate a suspended bank account are common techniques used by scammers. Ofir Turel, professor of information systems management at the University of Melbourne, says scammers appeal to the impulsive part of our brains, using temptation to override restrained, logical thinking.
Phishing attacks commonly employ language that provokes a sense of urgency in its victims.(Supplied: Scamwatch)
Australians lost over $851 million to scams in 2020, a record amount, as scammers took advantage of the pandemic to con unsuspecting people, according to the ACCC’s latest Targeting Scams report released today.
“Unfortunately scammers continue to become more sophisticated and last year used the COVID-19 pandemic to scam and take advantage of people from all walks of life during this crisis.” stated ACCC Deputy Chair. “Victoria, which was significantly impacted by the second wave of the virus, recorded the highest losses nationwide for the first time and Victorians reported $49 million in losses to Scamwatch, more than double those in 2019.”
Health and medical scams increased more than 20 fold compared to 2019, accounting for over $3.9 million in losses.
Phishing activity also thrived during the pandemic, especially through government impersonation scams. There were over 44,000 reports of phishing scams, representing a 75 per cent increase.
New research from the Take Five to Stop Fraud campaign by UK Finance has revealed eight in ten (80 per cent) people in UK would feel embarrassed if they fell for a financial scam.
May 19th, 2020 Posted by GobbillUncategorized
0 thoughts on “Reported Covid-19 scams have now reached $700,000 with a spike in puppy scams”
Scamwatch reports 2,000 COVID19 scams with losses now more than $700,000. This is only the reported figure with unreported figures accounted for.
There has been also a spike in ‘puppy scams’ during coronavirus lockdown reaching $360,000. “A lot of people are stuck at home and going online to buy a pet to help them get through the loneliness of social isolation,” ACCC Deputy Chair Delia Rickard said. “Unfortunately the rush to get a new pet and the unusual circumstances of COVID-19 makes it harder to work out what’s real or a scam.”
COVID-19 has been a hot bed for fraudulent activity with scammers targeting those in search of a furry companion reports 9News.
07/04/2020 Police Arrests following Invoice Fraud NSW Police last week arrested and charged two men over their alleged involvement in a $2.6 million Business Email Compromise (BEC) scam syndicate. The scam involved sending altered invoices to businesses who unknowingly paid the scammers into their accounts.
One of the men is believed by police to be the leader of the syndicate and faces charges related to directing a criminal group. Police allege he gained more than $1.6 million, and unsuccessfully tried to gain nearly another $1 million through email scams from mid-2018 until early this year.
Commander of the NSW Cybercrime Squad, Matthew Craft, said cybercrime presents “a unique challenge for law enforcement”. “These arrests are a timely reminder for all individuals and businesses to have strong cyber security measures in place for protection,” Craft said.
“During this investigation, officers uncovered a criminal network targeting hard-working Australian businesses through a series of sophisticated email scams,” Det Supt Craft said. Police charged three other people last year in relation to the same investigation.
Business email compromise scams Business email compromise (BEC) scams – where finance staff are deceived into paying fake invoices –are becoming increasingly common.
In 2018 alone, it was estimated that Australian businesses lost more than $60 million from this type of scam.
An ice rink in Sydney’s South West fell victim to a BEC scam earlier this year after receiving changed payment details for a new ice resurfacer it was purchasing, transferring $77,000 into an unknown Hungarian bank account.
Currently, the COVID-19 outbreak is creating a new set of challenges for businesses trying to shore up their cyber defences. There has been a rise in the number of coronavirus-related scams in recent weeks. With many Australian businesses trying to operate remotely to help encourage social distancing, networks could be more vulnerable as they are spread away from centralised IT systems.
How can you protect your business? The Australian Cyber Security Centre has a list of strategies to mitigate the effects of cyber-attacks during the COVID-19, but one of the simplest steps business owners or accountants/bookkeepers can take to reduce their risk is to implement Gobbill as their accounts payable solution.
Gobbill is a simple, affordable bill payment automation and fraud protection tool that protects users from scams like Business Email Compromise. Our unique Know Your Biller process checks every document before it is scheduled to be paid, and intervenes to stop payment of any bills which are suspicious or have been tampered with.
Plans start from $25 per month, with a free 1 month trial on our small business plan.
March 27th, 2020 Posted by GobbillAlerts, Featured, Staysmartonline
0 thoughts on “Alert Priority HIGH: Widespread reports of COVID-19 malicious scams being sent to Australians”
27 March 2020
What’s happened? The Australian Cyber Security Centre (ACSC) is aware of a significant increase in Australians being targeted with COVID-19 related scams and phishing emails.
In the last three months, the ACSC and the Australian Competition and the Consumer Commission’s (ACCC) Scamwatch has received over 140 reports from individuals and businesses across Australia.
These phishing emails are often sophisticated, preying on people’s desire for information and imitating trusted and well-known organisations or government agencies.
Clicking on these malicious links or visiting fake websites may automatically install computer viruses or malware and ransomware onto your device, giving cyber criminals the ability to steal your financial and personal information.
These scams are likely to increase over the coming weeks and months and the ACSC strongly encourages organisations and individuals to remain alert.
Here are some examples of what to look out for now: Example 1: SMS phishing scam messages offering where to get tested for COVID-19 or how to protect yourself In these examples, the SMS appears to come from ‘GOV’ or ‘GMAIL’, with a malicious link to find out where to get tested in your local area.
Scamwatch and the ACSC is also aware of a SMS scam using the sender identification of ‘myGov.’ These scam messages are appearing in the same conversation threads as previous official SMS messages you may have received from myGov. Example 2: COVID-19 phishing email impersonating Australia Post to steal personal information Under the pretence of providing advice about travelling to countries with confirmed cases of COVID-19, this phishing email aims to trick you into visiting a website that will steal your personal and financial information. Once they have your personal information, the scammers can open bank accounts or credit cards in your name, often using these stolen funds to purchase luxury items or transfer the money into untraceable crypto-currencies such as bitcoin. Example 3: Phishing emails pretending to be an international health sector organisation This is an example of one COVID-19 themed phishing email where the sender is pretending to be a well-known international health organisation. The email prompts you to click on the web link to access information about new cases of the virus in your local area, or to open an attachment for advice on safety measures to prevent the spread.
Example 4: Phishing emails containing malicious attachments In this example, the phishing email is pretending to be from the World Health Organization and prompts you to open an attachment for advice on safety measures to prevent the spread of COVID-19. When opened, the attached file contains malicious software that automatically downloads onto your device, providing the scammer with ongoing access to your device. Example 5: COVID-19 relief payment scam Scammers are also sending phishing emails targeting an increasing number of Australians that are seeking to work from home, wanting to help with relief efforts or requiring financial assistance if they find themselves out of work. In this example, the email offers recipients $2,500 in ‘COVID-19 assistance’ payments if they complete an attached application form. Opening the attachment may download malicious software onto your device. How do I stay safe?The ACSC has produced a detailed report, including practical cyber security advice that organisations and individuals can follow to reduce the risk of harm.
You can read the report and protect yourself by following these simple steps:Read the message carefully, and look for anything that isn’t quite right, such as tracking numbers, names, attachment names, sender, message subject and hyperlinks.If unsure, call the organisation on their official number, as it appears on their website and double check the details or confirm that the request is legitimate. Do not contact the phone number or email address contained in the message, as this most likely belongs to the scammer.Use sources such as the organisation’s mobile phone app, web site or social media page to verify the message. Often large organisations, like Australia Post, will have scam alert pages on their websites, with details of current known scams using their branding, to watch out for.If you’ve received one of these messages and you’ve clicked on the link, or you’re concerned your personal details have been compromised, contact your financial institution immediately. More informationIf you’ve suffered financial loss from cybercrime, report it to ReportCyber at www.cyber.gov.au/report.
Visit cyber.gov.au for advice to help businesses stay secure from cyber threats, whilst managing a remote workforce.
More advice and support is available on our Get help page.
For information on the COVID-19 pandemic, visit https://www.health.gov.au The information provided here is of a general nature. Everyone’s circumstances are different. If you require specific advice you should contact your local technical support provider. Feedback Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.
Disclaimer This information has been prepared by the ACSC. It was accurate and up to date at the time of publishing. This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice. The Commonwealth and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise. Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service. Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.
October 10th, 2017 Posted by GobbillAlerts, Internet Safety, Staysmartonline
0 thoughts on “ACCC reports online scam losses total nearly $37 million so far in 2017. 45 to 54 y/o most likely to lose money.”
This Stay Smart Online Week (9-13 October), the ACCC is warning the community to watch out for common online scams they might encounter.
The online sphere – email, the internet, social media and mobile apps – has overtaken telephones as scammers’ preferred tool of the trade to contact potential victims. In 2017, the ACCC’s Scamwatch site has received more than 51,000 reports of scammers trying to con people online. Online scam losses total nearly $37 million so far in 2017, with people aged 45 to 54 most likely to lose money.
“It’s difficult to spot a scammer online these days as they go to great lengths to trick the public and steal personal information and money,” ACCC Deputy Chair Delia Rickard said.
The top three scams that people are most likely to encounter online are:
Phishing – often delivered via email, scammers will pretend to be from well-known businesses and government departments to con unsuspecting victims out of their personal information and money. For example they might say they’re from Apple and you need to reset your password for security reasons, or they may offer you a gift voucher to a major supermarket for completing a ‘survey’.
False billing – scammers will pretend to be from a utility provider such as your phone or energy company and send you a fake bill. These scams can be very hard to pick as the fake bills scammers send look authentic.
Buying and selling – scammers will trick people who are looking to buy or sell goods online. For example, they may set up a fake online store that sells well-known brands at seemingly too-good-to-be-true prices; or they may set up a fake listing on a classifieds website.
Ms Rickard said there are some simple techniques members of the public can employ to avoid being stung by a scammer online.
“While scammers are often after your money, they’re also trying to steal your personal information, which is just as valuable. It’s important to safeguard your personal details online the same way you would your wallet,” Ms Rickard said.
“If you’re ever contacted out of the blue, particularly via email, by someone asking you to pay a bill, complete a survey or update your passwords, it pays to be sceptical. If it seems too good to be true, it probably is.”
“If you’re unsure about the legitimacy of something online like a store, classified listing or email you receive, do you own research as others who have been stung by scammers will often post warnings for others. There are also plenty of very useful tips and advice at www.scamwatch.gov.au to avoid being stung by online scams,” Ms Rickard said.
