Australian Businesses Are Being Targeted In A New Email Invoice Scam

Picture: Flickr/Giorgio Montersino

Cyber criminals are hacking into business email accounts, pretending to be suppliers and getting payments redirected to a new account in a scam hitting Australian businesses.

Australian autorities are warning businesses to beware of an invoice email scam seeking payment re-direction.

The ACCC’s ScamWatch says the con trick involves scammers pretending to be legitimate suppliers requesting changes to payment arrangements, and has begun targeting Australian businesses after operating in the US and Canada.

Scammers hack into vendor and/or supplier email accounts and obtain information such as customer lists, bank details and previous invoices. The victim business then receives an email, supposedly from a vendor, requesting payments to a new or different bank account.

The emails may be spoofed by adding, removing, or subtly changing characters in the email address which makes it difficult to identify the scammer’s email from a legitimate address and often copy a business’ logo and message format. It may also contain links to websites that are convincing fakes of the real company’s homepage or links to the real homepage itself.

The scam may not be detected until the business is alerted by complaints from legitimate suppliers that they have not received payment.

ScamWatch says a business should not seek verification via email and should not call any phone number listed in the email; instead, use contact details already on file.

You can report scams to the ACCC via the SCAMwatch report a page or call 1300 795 995.