News Beware of Email Scams

[wendog33]

An email from Simon to Jane took 14 hours to arrive. It cost them $51,000

An email from Simon to Jane took 14 hours to arrive. It cost them $51,000

There's no way Jane Fleming could have known an emailed invoice was fake. It came from the right email address and all the business's details were correct — except the bank account number.

www.abc.net.au

 

[CroydonDog]

I've been done as has my business partner. I managed to get my money back ($27K) but partner lost more. Very stressful experience.

Mine was very sophisticated. It appears they hacked in months earlier and just lay in wait waiting for a keyword to pop up, then they sent a fake email from my address to someone who was about to pay me money changing banking details. They even used my style of writing and the guy who received it (someone i'd known for years) was none the wiser, and neither was I (the emails were set up to be buried in one of those folders nobody ever looks at, like RSS feeds).

We now have a firm policy that any payment or receipt over $5K must be confirmed via a second method (text or call). Everybody should be doing this, as well as having 2 step authentication for accessing email from new devices.

 

[Wahesh]

This is why I hate ebanking. Any transfer done electronically for me needs approval first. It will send a SMS with a code to my phone which I must then enter prior to payment being made. I then receive another SMS confirming payment.

 

[Wahesh]

 

[CroydonDog]

This is why I hate ebanking. Any transfer done electronically for me needs approval first. It will send a SMS with a code to my phone which I must then enter prior to payment being made. I then receive another SMS confirming payment.

That's definitely important for security generally - but it wouldn't stop this type of scam where hackers change details on the invoice.

 

[N4TE]

I've been done as has my business partner. I managed to get my money back ($27K) but partner lost more. Very stressful experience.

Mine was very sophisticated. It appears they hacked in months earlier and just lay in wait waiting for a keyword to pop up, then they sent a fake email from my address to someone who was about to pay me money changing banking details. They even used my style of writing and the guy who received it (someone i'd known for years) was none the wiser, and neither was I (the emails were set up to be buried in one of those folders nobody ever looks at, like RSS feeds).

We now have a firm policy that any payment or receipt over $5K must be confirmed via a second method (text or call). Everybody should be doing this, as well as having 2 step authentication for accessing email from new devices.

Pretty much word fir word thing happened to my company

 

[Rodzilla]

That's definitely important for security generally - but it wouldn't stop this type of scam where hackers change details on the invoice.

looking back was there anything you could see showing that it was a scam on face value

 

[CroydonDog]

looking back was there anything you could see showing that it was a scam on face value

From my end, no. From his end, only really that i'd changed the bank account details last minute. If he had procedures in place for making payments it would have been stopped.

Funny thing was that i saw him at a function a few hours after he made the payment and he told me he'd done it. If he had have said anything about the new account etc, we could have probably stopped it in its tracks. The money immediately went to a third account with a different bank and then off to Nigeria. I was quite lucky to get the money back - but the problem was that, technically i was not a party to the fraudulent transaction, but my mate who made the payment was so persistent with his bank (he did feel terrible about it all).

 

[ASSASSIN]

Fuck I hate thieves, scummy c***s.

 

[BELMORE]

Fuck I hate thieves, scummy c***s.

Fuckn oath. Hate this shit, all the ID fraud shit as well. Chop their fingers off

 

[CroydonDog]

Fuckn oath. Hate this shit, all the ID fraud shit as well. Chop their fingers off

would be great, but the perpetrators are in places like Nigeria and Russia, where even their own authorities/governments don't give a fuck.

 

[CaptainJackson]

would be great, but the perpetrators are in places like Nigeria and Russia, where even their own authorities/governments don't give a fuck.

Not they don't give a fuck, they take a cut.

Indian scam centres have been hacked by western hackers and they've informed authorities who don't do anything, because they're working with them.