Several Australian businesses have become the targets of a phishing freight scam, losing an average of $30,000 to $100,000.
Phishing is on the rise as a method of online criminal activity focused on businesses. Victims are being scammed out of tens of thousands of dollars via this email phishing scheme. Right now, scammers are directing their fraudulent activity at IT and electrical businesses. Several Australian companies have shut down after falling victim to a freight forwarding email, according to the Australian Cyber Security Centre (ACSC). These victims are losing an average of $30,000 to $100,000 after sending their products to the scammers, who request delayed payment credit terms from the victims.
The scammers trick victims into participating by spoofing the emails, domains and signatures of executives of large Australian companies and universities to legitimise their communications. For example, they send their email from lendleases.com.au instead of the actual website lendlease.com.au. One of the fraudulent emails that the ACSC released is supposedly from a Chief Procurement Officer at the University of Sydney.
On each purchase order, the scammers request laptops, hard drives, cosmetics, defibrillators and environmental monitoring equipment, all items that can be easily resold. The targets are asked to ship the orders to a freight forwarding company, which in turn sends them on to another fraudulent entity that acts as a middleman. The freight forwarding company then becomes a second victim when its bill is paid using stolen credit cards or an established credit line.
In this case, the scammers are requesting shipments to many locations including Singapore, Dubai, Dagenham, Kuala Lumpur, Malaysia and Deira, according to the ACSC. Businesses should never automatically trust any unsolicited order of goods with credit without further investigation. However, it’s possible for these orders to slip through the cracks if you don’t have a strict policy for your approval process on every transaction. The ACSC asks all organisations to do due diligence on any new customers or unusual orders, and to investigate any customer before granting credit. They also suggest that businesses check the domain of websites and emails that are referenced on a purchase order. A good follow-up is to contact customers by phone to confirm that they are a legitimate company and have placed the recent order. Lastly, it’s important to verify the shipping address over the phone.
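One way to automate the domain check described above, as an added example that is not code from the ACSC or from this article: it pulls every domain out of a purchase order's email addresses and URLs and flags any that sit within a couple of character edits of a domain the business already trusts, which is how lendleases.com.au differs from lendlease.com.au. The allow-list, the sample order, the function names and the distance threshold are all assumptions made for illustration.

```python
import re

# Constructed allow-list of domains the business already trades with (assumption).
KNOWN_DOMAINS = {"lendlease.com.au", "example.com.au"}

# Constructed sample purchase-order text, not a real order.
SAMPLE_ORDER = """Purchase order 0001 (constructed sample)
Contact: procurement@lendleases.com.au
Website: https://www.lendlease.com.au/
Freight: bookings@fast-freight.example
"""

def edit_distance(a, b):
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete a character
                           cur[j - 1] + 1,             # insert a character
                           prev[j - 1] + (ca != cb)))  # substitute (free if equal)
        prev = cur
    return prev[-1]

def extract_domains(text):
    """Collect the domains used in email addresses and http(s) URLs."""
    pattern = r"(?:@|https?://(?:www\.)?)([a-z0-9-]+(?:\.[a-z0-9-]+)+)"
    return sorted(set(re.findall(pattern, text.lower())))

def classify(domain, known=KNOWN_DOMAINS, max_distance=2):
    """Return ('known', domain), ('lookalike', nearest_known) or ('unknown', None)."""
    if domain in known:
        return ("known", domain)
    nearest = min(known, key=lambda k: edit_distance(domain, k))
    if edit_distance(domain, nearest) <= max_distance:
        return ("lookalike", nearest)   # near miss of a trusted name: hold the order
    return ("unknown", None)            # new party: do the phone check before credit

def review_order(text):
    """Map every domain referenced in the order text to its classification."""
    return {d: classify(d) for d in extract_domains(text)}

if __name__ == "__main__":
    for domain, verdict in review_order(SAMPLE_ORDER).items():
        print(domain, verdict)
```

A "lookalike" or "unknown" result is a prompt for the phone verification described above, not a replacement for it.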
Phishing is one of the most commonly used cyber attacks in Australia. Statistics from the Office of the Australian Information Commissioner show that phishing accounts for 39 percent of all breaches reported. Therefore, it’s important to be aware of how to protect yourself at home and at work from phishing.
The victim receives an email that is simple in format, generally personalised and potentially from a known sender. It may look like an official email from a known organisation or company, and it invites the victim to click on an embedded link. Wording varies, but it may say, “click to learn more” or “click to see the image.” After clicking, the victim is redirected to a web page and asked to enter their user name and password or other personal information. Once the personal information is filled in, the attacker sends emails to everyone in the victim’s address book and the cycle repeats.
While having spam email issued from your own email account is annoying and a problem, the larger issue is that the victim has given the attacker their user name and password. With an email and password, the attacker can easily hack into anything the victim uses that email and password for. Most people repeat email and password data for multiple accounts. In the world of cloud storage, this can be several accounts including email, CRM, file storage, banking, and proprietary applications.