Last week we got a bit of a hard knock at Sage x Clare. As many of you may already know we were targeted by a very sophisticated scam whereby the scammers hacked the emails between us and our supplier and impersonated our usual contact.
The language was the same, the tone of voice was the same, the font, the graphics; all the same – this was a highly polished scam created purely to target small businesses and fleece them of their hard earned money.
And it’s not just small businesses mind you, this scam is prevalent in real estate (and law firms). Imagine transferring your – years of savings and sacrifices – home deposit to these scammers instead of your real real estate agent, it’s unimaginable and utterly devastating!
So, yep, they got us and it really, really hurt but we have a voice, we have an incredibly loyal and supportive following and we don’t go down easily. So guess what scammers, we’re going to do our darnedest to make sure this does.not.happen to anyone else!
Now we don’t claim to be experts nor do we guarantee that you won’t get scammed by following our lead but we’ve put together a little list of the steps we’re now taking to prevent something like this happening again and wanted to share them with you.
S x C Tip 1: Be sure you are speaking to who you think you’re speaking to
This might sound a little convoluted but you should never assume who you’re talking to is who you think it is. In this instance scammers intercepted and stopped all real communication going back and forth between us and the supplier. Writing style, language and knowledge of personal/business circumstances was faked; there were no red flags to indicate that I was no longer talking with my usual contact.
S x C Tip 2: Pick up the phone
Yep, it’s so much easier relying on email correspondence these days but it’s time to get back to picking up the phone. Whenever any bank details or invoices are shared over email we advise calling the intended beneficiary of that money before payment and checking that those bank details are correct. Which leads to our next tip.
S x C Tip 3: Independently verify your supplier details
Do not trust the details given in email signatures, including email addresses and phone numbers. Always use a trusted search engine to find the company and locate their phone number independantly. In this instance even our suppliers website had been replicated and faked and because it was in Chinese, we had no idea.
S x C Tip 4: Never think you’re too smart.
Cyber scams are evolving at an alarming rate and becoming more sophisticated than you can imagine. We all like to think we’re pretty smart people but these guys are smart too, don’t assume hackers are loners sitting behind a computer – they’re organised groups of people who use their wits to come up with elaborate scams that clearly work.
S x C Tip 5: Know your rights
Don’t assume you’ll receive any assistance from banks, police or any other investigative body if you are the victim of Cyber crime. There’s certain crimes that they’re happy to investigate, but when it comes to cyber crime it is still very much a grey area as financial institutions very rarely want to take responsibility. Cyber crime is treated differently to other thefts such as burglary. Very few cyber crime reports are followed up or investigated, even if it’s a loss ranging into the hundreds of thousands of dollars! In this instance the bank, our insurance company and the police have not been able to assist us. We reported the crime to ACORN and one week on, we are yet to receive a response from the police.
S x C Tip 6: Use the Scamwatch Website
The Australian Competition and Consumer Commission have a dedicated webpage, detailing scams to look out for, reporting scams and what to do next. If people really want to be on the front foot they should subscribe to scam watch, we have!
S x C Tip 7: Think about Cyber Crime insurance
There are a few companies in Australia who offer cyber crime insurance. You need to be aware that there are a lot of loop holes, so be informed and know what it does and doesn’t cover before assuming you’ll be covered in every situation.
S x C Tip 8: Speak out
If you are the victim, or you had a near miss, please speak out. Awareness is key. Our post has received national news coverage and we’ve had an overwhelming response from people, including someone who emailed us last night saying that because of our post, they avoided exactly the same scam!
We hope that the above tips will be beneficial to you or those you love. What’s important to remember is that the effect of a scam like this reaches far and wide in a business (not to mention the implications for consumers). The impact isn’t simply a loss of income, we will need a substantial amount of sales to recoup the $10,000 we lost, and that’s the reality of it – imagine having to work for months in your paid employment for free just to cover your loss? It would never happen, but it’s unfortunately the very real reality in a small biz like ours.
Complacency no longer has a home.
Featured image Tess Guinery