Invoice Email Scam – Be on Guard
How it works is that the scammers pretend to be legitimate suppliers who contact businesses owners to advise changes to payment arrangements. Unfortunately, being scammed may not be detected until your real suppliers complain that they have not received your payment.
The ACCC outline the following process on how the scam works:
- Scammers hack into vendor and/or supplier email accounts and obtain information such as customer lists, bank details and previous invoices.
- Your business receives an email, supposedly from a vendor, requesting a wire transfer to a new or different bank account.
- The scammers either disguise their email address or create a new address that looks nearly identical. The emails may be spoofed by adding, removing, or subtly changing characters in the email address which makes it difficult to identify the scammer’s email from a legitimate address.
- The email may look to be from a genuine supplier and often copy a business’s logo and message format. It may also contain links to websites that are convincing fakes of the real company’s homepage or links to the real homepage itself.
- The scam email requests a change to usual billing arrangements and asks you to transfer money to a different account, usually by wire transfer.
It is so important that business owners operate with sound robust account keeping practices to minimise falling victim to scams. Make sure you have a clearly defined relationship with suppliers and double check with them if they advise change of banking arrangements. Here’s some more tips from the ACCC to assist to minimise being a victim to this scam:
- Make yours a ‘fraud-free’ business – effective management procedures can go a long way towards preventing scams. Have a clearly defined process for verifying and paying accounts and invoices.
- Consider a multi-person approval process for transactions over a certain dollar threshold.
- Ensure your staff are aware of this scam and understand how it works so they can identify it, avoid it and report it.
- Double check email addresses – scammers can create a new account which is very close to the real one; if you look closely you can usually spot the fake.
- DO NOT seek verification via email – you may be simply responding to the scammer’s email or scammers may have the capacity to intercept the email.
- If you think a request is suspicious, telephone the business to seek verification of the email’s authenticity.
- DO NOT call any telephone number listed in the email; instead, use contact details that you already have on file for the business, or that you have sourced independently – for example, from a telephone directory.
- DO NOT pay, give out or clarify any information about your business until you have looked into the matter further.
- Check your IT systems for viruses or malware – always keep your computer security up-to-date with anti-virus and anti-spyware software and a good firewall.
If you are not confident your practices are sound, call Balanix Solutions today – we can help (3264 4783)
Report scams to the ACCC via the SCAMwatch report a scam page or by calling 1300 795 995. Also, spread the word to colleagues through social media, newsletters etc to minimise the impact of the scams.
Balanix Solutions – Taxation | Accounting | Business Advise
Situated in Strathpine on Brisbane North, we partner with our clients to assist them in their accounting, business management and bookkeeping needs. Our clients vary in industries from professional services (such as law, vet and dentist) to the trades (mechanic, bricklaying, plasterer etc), hospitality and retail. Are clients are located in the Pine Rivers area (including Brendale, Lawnton, Albany Creek and Eatons Hill) through to Kallangur, Petrie, North Lakes and Caboolture, as well as Brisbane South, the Gold Coast and various other parts of Queensland.
Call us today … we can help (07 3264 4783)