Contact Consumer Protection
Tel: 1300 30 40 54
consumer@demirs.wa.gov.au
See all Consumer Protection office locations
9 September 2020
Payment diversion fraud scams cost businesses nationwide a staggering $132 million last year, according to the Australian Competition & Consumer Commission’s (ACCC) Targeting Scams report. Across the country there has been a marked increase in these interception scams, where an email account is hacked and the fraudster enters a conversation between a payer and payee and redirects money to a different account.
Here in Western Australia, as a result of Consumer Protection working closely with the real estate and settlement industry, losses in these payment scams were small compared to the national total, at $1.4 million. However, the risk is still real, and WA ScamNet continue to target interception frauds, encouraging settlement agents to keep watchful and report any attempts to hack into their system.
To prevent these costly frauds it’s important to have strong and secure systems and overlapping processes in place for verifying and paying accounts. As settlement agents must exercise due care, diligence and skill when acting for clients, it’s their responsibility to make sure they also have up-to-date anti-virus and anti-spyware software.
Settlement agents need to beware and stay vigilant to prevent cyber-attacks. Property scams often start with buyers who want to make payment receiving an email they believe is from their settlement agent. Instead, it’s from a scammer who has hacked into the agent's email account. New bank details are provide for the buyer, duping them into paying into the fraudster's account. By the time the buyer realises the funds have not landed in the settlement agent’s trust account, their money has disappeared into a scammer’s hands.
As settlement agents hold funds in trust it is vital they establish a series of secure measures that work together to protect their business:
Settlement agents should:
Agents also need to watch out for attacks from cyber criminals who infiltrate and lock down computer systems and then demand a ransom to have the system unlocked. A recent local case highlights the serious nature of these attacks.
All businesses should regularly review and update their cyber security so that they have the latest anti-virus software and firewalls to guard against malware. Staff should not automatically open attachments or click on links in emails, especially if the sender is unknown. Even when senders are known, staff should take care as accounts may have been hacked.
There are a number of online resources available to help you safeguard your business from cyber-attacks and online hacking frauds. Subscribe to the following scam alert sites to keep you informed:
Contact 1300 304 054 or email consumer@demirs.wa.gov.au.
Last modified: