Check the Bank details..

An email from Simon to Jane took 14 hours to arrive. It cost them $51,000

A simple phone call could have fixed this from the start..

 

Yes this was a nasty one

 

Wow that’s scary!

 

It is not uncommon, know of people it has happened to buying on online auctions Only takes a few minutes for some-one to intercept change and resend email.. Any new or different bank account numbers should be verified by text message

 

Nasty!

 

The bank transfer system is seriously flawed.

There should be a "check system" in place.

Whenever a bank account number has been changed, the person making the payment should receive a pop up on their screen warning them that the bank acct number has been changed and to contact the recipient of the funds to verify.

 

Professor Hyphen-Guy "...believes hackers gained remote access by hacking the builder's website and surreptitiously redirecting visitors to another site which installed malicious software."

I realise he has to justify his tenure, but I'm (maybe naively) unsure why emailing an invoice from point A to point B would involve accessing the builder's website, resulting in the download of malware, where that malware was later not found on either users' PCs. Anyway, whatever.

More likely, some wally hacker accessed Jane's email Inbox via Webmail, downloaded the attachment (invoice copy), deleted the email from the Inbox, modified the attachment and then resent the email, spoofing the FROM address, and explaining the subsequent time lapse.

Jane then, from what the ABC story indicates, went and paid 51 grand via Bendigo Bank to a CBA account, all of which is legit, so it's a bit of a stretch to blame the banks, as they were following the instructions they had been given. Although @datto 's check system has a lot of merit.

Maybe, Jane should have made a call (or not, depending on your point of view), but the real question is "Did Simon get paid?", whilst Jane sorts out whatever IT and finance issues she has...

 

The solicitor handling our property sale these past few months has a huge warning about scams on all their correspondence. This is all new to me. It instructs their clients to never put bank account details in an email or text, but to verbally give our account details only, ie phone to check. We also had to physically visit their office with our photo ID when we first engaged them.

 

It really surprises me that in this day and age, businesses are not set up with portals where a regular client can’t go in and retrieve invoices.
Similarly, my solicitor (selling property) sends me a document asking me to sign and fill my credit card details in/pay into their trust account, without any encryption. Even with signing something, I don’t understand why they don’t use services like DocuSign, which is a lot more secure.

 

Lots of scams at the moment! I was recently scammed myself. A family member sent me an email with a code for a Black Friday sale where you bought a $200 gift card for $300 worth of value at this shop during this week. She had already bought hers and I asked for the email. It all looked legit but I didn’t question it, just bought it. It was done through shopify. Someone inside shopify was intercepting emails and when my gift card didn’t work I called the shop and they told me it was a scam. It was purchased on credit card so I’ll get my money back but now I’m without a credit card during the Black Friday sales!

 

the ole "if it's to good to be true" chestnut

 

To be fair there are some awesome Black Friday deals about. Last year I got $800 off a $2000 TV. This year I don’t have a credit card!

 

There a big difference between cash off in store and a "promise" of money for nothing