There’s been a couple of stories in the media lately which are testament to the ever increasing sophistication of online scams. These should act as a warning for us all to remain vigilant and to take appropriate steps to protect our privacy as we spend more and more time online.
Almost 16 million Commonwealth Bank customers were sent an email in recent weeks which directed recipients to “Confirm My Account”. After clicking this button, users were directed to an authentic looking fake website – where unsuspecting customers provided their bank login details along with other personal information.
Also recently a Sydney couple inadvertently transferred $1 million into what they believed was their solicitor’s trust account. The transaction that seemed absolutely legitimate because the couple was in the process of finalising the purchase of a property. The couple say the email looked exactly like an email from their solicitor, and they really didn’t think twice – all the documentation in the email related to the sale of the property. But when the money never arrived in their lawyer’s account, alarm bells started to ring.
This particular type of cyber crime is called a Business Email Compromise Scam (BEC). It often occurs when the business email address is compromised and the fraudster impersonates the business. This type of scam is becoming increasingly common – fake invoices, and fake websites are becoming much harder to detect, even to trained professionals.
Cyber criminals are becoming increasingly clever
While that particular scam is still being investigated, it is another example of just how clever cyber criminals are, and how no avenue is completely protected.
A recent report into cybercrime suggests that it costs the economy about $3.5 Billion each year, and while these kinds of statistics give us context, they don’t portray the effect of cyber crime on actual victims – having your bank account drained, your identity stolen, having your pension fund depleted – these are things that are very difficult to recover from – not just financially but emotionally too – even if the criminal activity results in an investigation, charges being laid and a successful prosecution.
While Australian cyber security legislation is updated regularly, to keep the pace with the rapidly changing digital environment, cyber crime is often cross-jurisdictional, which doesn’t make these crimes impossible to prosecute, but it can mean that it takes time to bring criminals to justice, so in many ways the onus is on us, to keep ourselves safe online.
How to keep yourself safe online
To protect yourself online, stick to the basics – keep security settings and passwords updated regularly. Ensure that you share minimal personal information, and know who you are sharing it with – this includes being careful about what you post, including photos, on social media or on dating apps or via private messages.
And, as a general rule of thumb, if something looks suspicious, then treat it as such. If you’re not sure, do nothing. Be proactive and contact the company – if you don’t and the matter is important, then the company will contact you eventually, via another method.
Cyber crime typically relies on its victims to fall prey to scams because they’re busy, tired or distracted.. But, if there are grammatical errors in the correspondence you have received, or if images don’t look quite right, then contact the company.
Recently NRMA sent an email to a significant number of it’s insurance customers to tell them they were entitled to a refund. Most respondents of the communication actually made calls to the company to check on the legitimacy of the refunds. They were completely above board — but, it pays to double-check.
What to do if you think you’re a victim of cyber crime
If you believe you have been a victim of a cyber crime then contact the Australian Cyber Security Centre (ACSC). Aside from reporting the scam itself, contact the company the fraudster was imitating, for two reasons – so they can alert other customers and put in place the appropriate steps to stop the fraud from continuing, but also to find out if you are entitled to any compensation for your loss.
And while it’s difficult , the most important thing is not to feel shame – cyber crime of all kinds is on the rise, and it affects people from all walks of life.
This post is informative only. It is not legal advice.
If you have a specific legal matter you’d like to discuss, please contact us.