Protecting yourself from cyber fraud
Cyber fraud continues to increase in frequency at alarming rates. Login credentials obtained by hackers are regularly sold on the dark web by criminals. Business email compromise (‘BEC’), where victims are duped into making transactions by criminals impersonating someone they know directing them to process a transaction, is an ever-present risk to individuals and businesses.
Bank warning calls and emails
If you receive a communication from your bank about a fraudulent transaction, you should always tell the bank to freeze the transaction and not release the funds until you have made your own inquiries to confirm that the transaction is not fraudulent.
The bank may ask if you made the transaction. If you say yes, not realising that you are the victim of a fraud, the bank may release the funds and they may be lost before you discover the fraud.
The reason the bank contacts customers about suspected fraudulent transactions is because the transaction has triggered one or more of the bank’s red flags for fraud. The red flags could include:
- the amount of the transaction (eg: more than $X);
- the fact that you have never transacted with the account in question before;
- irregularity in the frequency of transactions on your account;
- the account holder is known by the bank to be suspicious or a known fraudster;
- the account to which you have transferred the funds is known by the bank to be fraudulent;
- the account to which you have transferred funds is in a foreign country; and
- the country in which the destination account is located is a higher risk country.
When you discover you are the victim of fraud
If you have made a transfer in error or in reliance on a fraudulent communication, you should:
- Contact the recipient bank and request they freeze the funds that were transferred because the transfer was made as a result of fraud and tell them that you will hold the bank liable if they transfer the funds after being on notice of the fraud.
- Contact your bank and request that it stop the transfer because the transfer was made as a result of fraud and tell them that you will hold the bank liable if they transfer the funds after being on notice of the fraud. Brand Partners Commercial Lawyers 2 [note: you could be on hold for a long time trying to contact the banks, we recommend you call both banks at the same time on two different lines to minimise the time lost on hold].
- After you have reported the fraud and requested the banks freeze the funds, contact the police.
Report to the police after you have contacted the banks
Police often tell victims of cybercrime to report cyber fraud to the Australian Cyber Security Centre (‘ACSC’). The ACSC process collates the data in relation to your complaint then allocates the complaint to the appropriate police station, usually the nearest to your home. This process, whilst valuable to collect cyber crime statistics for the government, wastes valuable time which could be used contacting your bank and the recipient bank to stop the transfer.
Contact us if you would like to discuss or have us run a staff cyber fraud awareness training session for your team.
Cyber fraud continues to increase in frequency at alarming rates. Login credentials obtained by hackers are regularly sold on the dark web by criminals. Business email compromise (‘BEC’), where victims are duped into making transactions by criminals impersonating someone they know directing them to process a transaction, is an ever-present risk to individuals and businesses.