2019 = Scam Watch
Welcome to 2019 = Scam Watch. Scams continue to grow rapidly, and they continue to evolve to elaborate making it more and more difficult for people to recognise and avoid. The Australian government through Scamwatch.gov.au continues to report that Scams are costing the broader community significant amounts of money. Not only consumers but business as well with Small to Medium businesses being a very specific target.
Not all scams are related to the internet but the radar watch on scams reports that YTD October 2018, there was 15,195 reported incidents of which 9% involved a financial loss and $4.966 million had been lost. The key methods for delivering a scam are phone, email, text messaging, the internet and mobile applications.
As the variety of scams continues to grow, and the best form of defence is education and ensuring your IT systems are up to date with virus protection, that your data is backed up and that you are effectively managing access to your systems and email.
The criminals have continued to become more sophisticated with their ability to make an email to appear it is from a legitimate company. This hack involves a company receiving an email re the payee’s bank details have changed and that their invoices for services/goods should be paid to this new account.
In January there is an expectation that more scams involving online shopping, donations to fake charities and investment scams will have been reported over the Xmas period.
Understanding the Scam
Hacking is when the scammer gains access to your personal/business information by using technology to break into your computer, mobile device or network.
Some examples are to trick the user into installing some malware (software application) onto your computer and then that software works in the background to collect personal information such as banking records, passwords, credit card numbers etc.
Once they have this information, they use it to commit fraudulent activities such as identity theft or credit card theft or even directly transfer money to their accounts from your account.
Identity theft is where a person uses someone else’s identity to steal money or gain other benefits. A common method is Phishing, which is where you are contacted either by Phone, email, text, social media and then without suspecting anything you provide personal details.
This method equally applies to businesses but is referred to as Whaling or spear phishing. The scammer targets the business to gain confidential information for fraudulent purposes. Usually done by email that is sent to either a group of employees or a specific senior executive. The design of the email looks like it has been sent from a trustworthy source, with a subject that captures the eye as it is critical business issue that the requires the recipient to act by going to a fake website and prompting them to enter key confidential information.
What are some of the scams?
The following list is not exhaustive, but they give you an idea of where you might encounter a scam.
Holiday accommodation scam: this is where scammers are asking for a payment for something that does not exist. Means fake online websites, fake vouchers unusual practices like paying everything in total (especially bigger trips) with no deposit.
Flight booking scams: same approach using online techniques through fake websites you pay turn up at the airport and you do not have an authentic flight ticket
Online shopping scams: the scammer tricks through fake classified ads, auction listings, and bogus websites. You purchase but never receive the goods and the website is often only there for a very short period.
Celebrity endorsement scams: these types of scams involve a loss of between $100 and $500. This scam involves signing up for a free trial and providing credit card details from fake websites where they use celebrities to endorse the product without the celebrity’s knowledge.
False Billing: They request you or your business to pay fake invoices for directory listing, advertising, domain name renewals, or office supplies that you did not order. This type of scam has grown by 33% in 2018. It is a sophisticated scam created through email compromise (BEC, Business Email Compromise). Losses of up to $2.8 million have been reported in 2018.
What are the key things you should do to protect yourself or business?
The following items are not listed in any order, but you should at least implement these items to mitigate the risk.
- DO an annual Security IT assessment and act on the recommendations.
- Do ensure your Antivirus software is up to date and is maintained weekly. Ensure you have a weekly maintenance schedule where this is checked and updated
- Do have a person responsible for maintaining and regulating your user profiles for your computers and email services.
- Have IT security as a regular point of discussion at your team meetings Share stories and examples so your team become more educated at identifying possible threats.
- Ensure you have backup and that it is checked regularly that it worked at the last scheduled backup time.
- Install a password manager for all staff
How can Computer Troubleshooters help you?
As a small business you probably won’t have the time or the resource to undertake all the above, which is why are joining forces with Crest Australia to conduct IT security assessments that have been backed by the Australian Government with rebates on the fees. Learn more on this Federal government program.
Our Total Protection Plan service is directly aimed at residential, home, and small to medium businesses which allows you to focus on your business while we focus on your IT security giving you the confidence and peace of mind on this business issue.