Contact Us

Australian Cyber Security Centre warns of significant increase in business email compromise scams | Queensland Country Life | Queensland

Cyber Security | January 11, 2021

A Dalby farmer who has been scammed to the tune of $90,000 is warning others to be on the lookout for similar activity.

Noel and Suzi Rockliff thought nothing of it when they received their usual email from Arrow Energy at the end of July reminding them to make their quarterly payment for land they lease from the company, together with details of changes to the bank account money was to be credited into.

They only realised they’d been involved in a fraudulent transaction when they received communication from Arrow a week later asking why they hadn’t met their payment commitment.

The fake cover letter accompanying the email received by the Rockliffs, which appeared similar to advice from other companies they deal with.

“We receive similar messages regularly from other businesses and didn’t think to check,” Mr Rockliff said. “It was identical to the usual message we receive and didn’t ring any alarm bells.”

They immediately contacted their bank and the police, who confirmed that the money hadn’t gone to Arrow Energy.

“The police told me when they looked into it, that account had cleared a couple of hundred thousand dollars,” Mr Rockliff said.

The matter is currently under investigation by Dalby CIB, who were contacted for comment on the case.

“We have had our computer checked by an IT specialist who confirmed it was highly unlikely that our machine had been compromised,” Mr Rockliff said.

The real invoice received by the Rockliffs is almost identical to the fake one on the right.

The family met with Arrow Energy five weeks ago to negotiate a way forward and said they had been understanding of the situation.

“At this stage they’ve put everything on hold for 12 months pending the police investigation, and we haven’t lost any money yet, but I’m not sure how it will end.

“I’ve paid my next quarterly payment, by cheque, that was due at the start of November.

“Furthermore, we’ll make future payments by credit card rather than by direct debit.”

Australian Cyber Security Centre head Abigail Bradshaw said there had been a significant increase in the use of business email compromise scams by cyber-criminals.

“In the 2019-20 financial year there were 4255 reports of BEC scams reported through the ACSC’s ReportCyber tool, representing losses of over $142 million,” she said. “This type of fraud has been used to hoodwink many Australians and Australian businesses out of often very large sums of money.”

The ACSC has released a new publication – Protecting Against Business Email Compromise – to help people identify scams and prevent email accounts from being compromised.

Mr Rockliff said if they’d been scammed, it could easily happen to other farmers and he wanted people to be aware.

“The other scary thing is if something similar happened with Graincorp and I don’t get the money I’m owed from them,” he said. “We didn’t sleep for a week as it was.”

This content was originally published here.