Email scams get smarter
When it comes to email scams, many of us think of unsolicited and badly spelt requests for money landing in our inboxes from dodgy email accounts.
But the reality is email scams are now so sophisticated and believable they’re almost impossible to tell apart from the real thing.
One such ruse is the payment redirection or ‘man in the middle’ scam, which involves a scammer pretending to be a legitimate company seeking payment to a bank account they control.
The scammer will secretly hack into your computer, or that of the business you’re dealing with, and either alter bank details on an invoice or send a separate email saying they have recently changed bank accounts.
Sometimes the fake invoice will come from the company’s own email address if it has been hacked, or from an address with a slight variation. Often you won’t realise you’ve been scammed until the genuine business starts chasing you for the money owed — by then it is usually too late to recoup the funds.
Payment redirection scams tricked West Australians out of $1.3 million in 2019, up 400 per cent from the previous year.
Last year, a Yangebup association paid $5200 — meant for suppliers who had provided services to a Carols by Candlelight event — into the wrong bank accounts, after a scammer hacked into their email account changing the rules to divert invoices as they arrived. After altering the bank details, the invoices were then put back into the association’s inbox to appear as if from the genuine suppliers.
It’s important to stay vigilant to protect yourself. Use the correct, verified phone number from the company’s website to confirm if the request is legitimate, or if emailing directly type the known email address in the ‘to’ section.
Tom Chapman is the senior regional officer for Consumer Protection in the Kimberley.
Get the latest news from thewest.com.au in your inbox.
Sign up for our emails