Contact Consumer Protection
Tel: 1300 30 40 54
See all Consumer Protection office locations
19 August 2016
Consumer Protection recently issued a warning to all organisations in WA about ‘man in the middle scams’.
A ‘man in the middle’ attack occurs when a decision-maker in the business or a fake 'supplier' of services or goods, contacts the organisation to provide new bank account details in order to poach account payments.
Your agency could receive phishing phone calls, or emails with links that put spying software on computers, in preparation for the scammers to attack.
Scammers may then pose as the licensee of the agency, having ascertained via phone and email phishing that he or she is away at a conference. Emails that look like they are from the licensee ask the finance officer to organise for payment to a believable supplier, with the only change to the normal invoice being to the bank account details.
Alternatively, the scammers may pose as a third party supplier, but provide new bank account details for payment of money owed.
Avoid being scammed by urging staff to check any unusual requests from suppliers and to use the known contact details they have on file or have verified from the supplier’s website. Also run a virus scan on any computer that has received a suspicious email.
The media statement WA organisations lose $500,000 to ‘man in the middle scams’ contains further details, with local case studies and prevention tips also available from WA ScamNet.