Scams and fraud have been around since the dawn of time, but with the increased dependence on technology and digital communication, it is becoming more and more difficult to identify the difference between what is legitimate, and what is not. Scam messages sent to a cell phone or email address have started to look remarkably like official correspondence from various sources such as banks, the government, and law enforcement.
In 2015, almost 105,000 cases of identity theft, hacking, or “phishing” were reported by Australians, aggregating nearly $85m in lost finances. Whilst those aged 65 and over are typically the main target, the Australian Government site, Scam Watch, suggests that anyone over 25 will likely be targeted in some degree.
Whilst email scams are certainly nothing new, the ABC ran an article in February highlighting a sophisticated SMS campaign that was targeting mobile banking customers. ANZ, Bank of Queensland, St George Bank, Suncorp Bank, NAB, Macquarie Bank, Heritage Bank, Bendigo Bank and GE Money were all imitated in the ongoing scam.
What’s more troubling is how genuine the SMS or imitation emails can appear. Emails from financial institutions, Google, Amazon or iTunes may be using the correct corporate stationary and use what looks like an official email address or phone number, but upon clicking a link or replying to the message, initiates the fraudulent process. Even the Australian Federal Police were imitated throughout 2015 in order to fleece victims out of bogus parking infringement fees.
In the USA, the FBI estimate that up to AU$3bn has been lost to remarkably sophisticated email scams that actually mimic CEO’s and managers within an organisation to fleece money and private details from staff. There is no doubt that electronic fraud has evolved, and is evolving, to a point that is proving difficult to determine if it is legitimate or fraudulent.
Play it safe
Unfortunately, there is no magic app or software that will protect us from these activities, but we can be proactive in how we behave electronically.
- Ensure that your computer system is protected with a reputable anti-virus, and/or firewall. Some mobile devices may claim not to need anti-virus but we strongly urge you to talk to your IT partner if you are unsure.
- Email spam settings are a tricky one – if your settings are too strict, genuine emails may be junked, but having an inbox full of spam and fraudulent emails is not ideal either. You may need to test various settings out over the course of a few weeks.
- Don’t click anything! Seriously! If you receive an email or SMS from any establishment asking for anything in relation to finances, credit card details, passwords, account numbers etc, treat it as fraudulent. If you aren’t sure but think it may have been an important email or SMS, call the establishment yourself and seek verification. This also includes any services linked with credit cards or bank accounts such as Amazon or eBay.
- Legitimate, reputable businesses won’t call you asking for balances, personal details, or login information. If you receive a phone call like this, hang up and call the business yourself to seek verification.
- If you are the type of person who likes to do their own investigating, you can always conduct an internet search for current scams to keep an eye out for. This may not cover all current activities but it won’t hurt to become familiar with the ones that are documented.
The above doesn’t guarantee protection, but it will certainly provide a greater chance of not getting stung.
What to do if you think you have been scammed
Visit Scam Watch to report the incident or call your local police station who can advise you on the best course of action, or for businesses, you can always discuss with your IT partner. For corporations and businesses, there are ongoing education and training courses that will skill your team on how to identify fraudulent communications and how to keep your business and your team protected from enabling the bad guys. Drop us a line (email@example.com) and we can certainly help you implement some practises to protect your business.