Every consumer who transacts with an online payment to another party’s bank account for goods or services that exceeds an amount greater than $1,000 should raise the question, are the bank account numbers correct to which the payment is to be made!
There are several aspects of fraud and some of these include, obtaining property by deception, obtaining financial advantage by deception, false accounting, falsification of documents, fraudulently inducing a person to invest.
One of the developing fraudulent conducts that are more regularly occurring today involves data penetration and utilisation of that information. The purpose of this hack is to manipulate information from that account to commit deception, by using that person’s details that are stolen to obtain a financial advantage by deception.
Deception is best described by section 81 of the Crimes Act 1958 Vic which says: A person who by any deception dishonestly obtains property belonging to another, with the intention of permanently depriving the other of it, is guilty of an indictable offence. Also under section 82 of the Act it says: A person who by any deception dishonestly obtains for himself or another any financial advantage is guilty of an indictable offence.
So how does this financial fraud work ?
This crime involves various steps. The first aspect is a business has their data targeted, specifically email accounts. The reason email accounts are targeted, is that once there is access to the email account, that account can be manipulated by a third party to impersonate the original account user. This intruder may then monitor the users account for days, weeks or even months to learn the transactions and communications that are occurring on a daily basis. Once understanding is obtained about the users account, the next stage of deception goes into play. This is where the infiltrator in the email account watches for sale transactions that are to be finalised, and then technically hijacks the email account by diverting emails to different folder boxes in that email client by masking them in hidden status, and then sending emails from that users account pretending to be that original user, requesting the purchaser to pay funds to a nominated bank account, which is not the actual business account of the seller to close a pending sale. Now this type of deception even goes further. The fraudster, before sending the email for payment sets up a bank account in an Australian bank and uses a similar name as the seller’s business name. So in this type of circumstance, the purchaser who receives an email from the seller to pay the remainder of the funds into an account, named similar or the same as the seller’s business, transfers money into that account, on the basis of trust that the email received from the seller was true and correct. And subsequently resulting in the loss of the purchaser’s money through sophisticated deception.
The question that should always be asked by the consumer, is whether the bank account details that have been received by email from the seller are correct. The only way this type of fraud can be prevented is that before a large some of money is transferred for a purchase of any goods or services that are of a significant amount of money, is to ring that seller, confirm the email that has been received for the payment of funds, and specifically ask the seller to repeat the account numbers that are to be paid into. Then as a secondary level of protection, where the moneys are large, the purchaser should speak to the sales person directly who they have been dealing with to confirm those account numbers are the ones issued by the seller.
Consumer payment risks are real, and positive actions should be taken for protection before the finger hits ‘Enter’.