The scam could be a call from someone claiming to be from the ATO. It could have been a text promising risk-free returns on a new investment trend. Or a deceptive link in an official-looking email.
We’ve all been the target of scammers. Although old-fashioned scams, with bad spelling and fantastic promises are still around, they’ve been overtaken by a more diverse and sophisticated new breed.
Scams are scary. One click can cost you thousands of dollars and lots of heartache. For people unlucky enough to fall victim to fraud, embarrassment can prevent them from sharing their experience.
There are simple, practical ways you can protect yourself and your business against scams and fraud. Grant Baxter, the Senior Manager of Fraud Operations at Bendigo and Adelaide Bank delves into the modern scam industry and practical tips to keep yourself safe.
The risks are evolving
Asked if scams are becoming more common, Grant doesn’t hesitate. “Absolutely”, he says, pointing to research published by the Australian Competition and Consumer Commission (ACCC) in early July, which found that Australians lost more than $2 billion to scams in 2021 – an all-time record.
“The behaviour of customers and scammers has changed,” Grant explains. “As more and more transactions take place online, scammers are adapting.” That’s why you’re more likely to receive phone calls from people falsely claiming to be from the Australian Tax Office (ATO) at tax time, and it’s why some opportunistic scammers pretending to be from the Department of Health call to solemnly inform you that you’re a close Covid-19 contact (and ask for your personal details).
According to Grant, there are a few reasons scams are becoming more frequent and more diverse:
- The ACCC data has shown there is money to be made.
- Technological advances have increased the number of channels scammers use to target people.
- Scammers are becoming more sophisticated. “Scammers leverage human emotions including the desire to get rich quick and the desire to have access to inside information,” Grant says.
An ACCC document of common case studies highlights that business owners should be aware of the following types of scams:
- Fake ATO calls designed to obtain financial information.
- Investment scams which promise risk-free returns.
- Authorised push payment fraud, where scammers deceive people into transferring money to an account controlled by the scammer.
- Remote access scams, where scammers pose as technicians (e.g. NBN workers) and trick victims into downloading malicious software.
- Business email compromise scams where the scammer emails the victim pretending to be a trusted authority figure requesting payment (usually from a corporate account, such as a business or social club).
- Online shopping scams, including those where the scammer forces the victim to quickly go through with a purchase. Second-hand car sales where the seller claims to be unable to accommodate an inspection are a common example.
- Threat or blackmail-based scams where the scammer, often impersonating the police or another authority figure, falsely accuses the victim of fraud and asks for money or personal information as a “show of innocence”.
Responding to scams
Falling victim to a scam can be devastating. It’s natural and understandable to not want to share your experience. But, says Grant, sharing is key. Scams can befall anyone, regardless of age or experience with technology.
The other reason is that acting fast is key, so your bank has the best chance of recovering your stolen funds.
The Financial Crime Risk team at Bendigo and Adelaide Bank has a three-stage process to identify fraud and recover customer funds. “The first thing we do is loss mitigation. We verify the fraud and stop the bleeding,” Grant says. Then it’s about education: working with the customer, other banks and organisations such as IDCARE to understand how the fraud happened. The final step is recovery of funds.
One of the ways Bendigo and Adelaide Bank monitors risks is by being part of an active, industry-wide community of bankers specialising in financial crime and scams. “We all learn together,” says Grant. “Sharing what we’re all seeing is the only way to go.” Professionals and consumers in Australia used to be able to rest easier knowing that scams which originated overseas would take some time migrating to our shores. “Not anymore,” according to Grant. “With the internet being what it is, scams travel across the globe almost instantly.”
Practical tips and best practice
Grant recommends the following for businesses looking to protect themselves online:
- Multi-factor authentication: enable this on your most important accounts to add another layer of protection when logging in.
- Different passwords: don’t reuse passwords, especially on your most important online accounts. The best security advice is to use a password manager (software which securely stores and organises your passwords for different apps and websites).
- Talk to trusted friends and colleagues: if a deal seems dodgy or a phone call doesn’t feel right, talk to someone you trust like a friend or a colleague who’s active online.
- Be vigilant: only click links in emails or text messages from sources you trust. If you’re on a website that looks even a little suspicious, double-check the URL. If someone asks you for personal details over the phone, take the time to verify their identity.
No advice is failsafe. For many business owners, every call from an unknown number could be a new customer. Grant’s most important piece of advice is to be mindful. “Always take the time to validate what you’re doing,” he says. “The ATO or your bank would never call you asking for your account details. Ask yourself if something sounds too good to be true – then it probably is.”