Scamwatch is increasingly warning Australian small businesses and not for profits to beware of an invoice email scam.
The scam involves individuals or organised groups pretending to be a legitimate organisation such as Telstra, Australia Post, or the Australian Federal Police, advising overdue accounts or changes to payment arrangements.
The email or letter may look to be from a genuine supplier and often copy the business’s logo and message format, including links addresses to the real company and requests for immediate payment by wire transfer.
These scams may not be detected until the harm is already done. The most important things are to be vigilant and understand how to identify tactics by:
- Double-checking email addresses. Scammers use accounts which are very close to the real ones, however if you look closely, you can usually spot the fake.
- Hovering over links. Hovering with your mouse curser over a link in the email often reveals an address pointing to a completely different site located overseas.
- Contacting the business. Seek verification of the email’s or letter’s authenticity.
You can also download an 8-step guide to staying smart online.
Some of the recent organisations that are being used by scammers in Australia:
- QLD Health remittance advice
- AGL and Energy Australia invoices
- Australia Post accounts and parcel pick up
- Infringement notices from the Australian Federal Police
- Netflix - failure to validate information
- Ticketec confirmation emails
If you do receive a suspicious phone call, never give out any information about accounts or credit card details until you have looked into the matter further.