Goodbye job applications, hello dream career
Seize control of your career and design the future you deserve with LW career
GET STARTED

Law firms among those targeted by hackers new email scam

The Australian Competition & Consumer Commission has issued a warning after new reports found email scams have grown by a third this year.

user iconEmma Musgrave 28 November 2018 Big Law
Email scam
expand image

Scamwatch has paged businesses to urgently review how they both verify and pay accounts and invoices, as sophisticated hackers targeting business’ emails continue to soar.

You’re out of free articles for this month
Law firms have been listed as being among those businesses being targeted – along with conveyancers and real estate agencies – with the ACCC noting that there has been an increase in hackers intercepting house deposits that have been sent to them.

The tactic is commonly referred to as a business email compromise (BEC) scam, which is when a hacker “gains access to a business’s email accounts, or ‘spoof’ a business’ email so their emails appear to come from the company”, the ACCC said in a statement.

“The hacker then sends emails to customers claiming that the business’s banking details have changed and that future invoices should be paid to a new account. These emails look legitimate as they come from one of a business’s official email accounts. Payments then start to flow into the hacker’s account.”

In other variations of the scam, the hacker will send an email internally to a business’s accounts team, pretending to be the CEO and ask for funds to be urgently transferred to an off-shore account. Hackers can also request salary or rental payments be directed to a new account, the statement explained.

ACCC deputy chair Delia Rickard explained there are some measures businesses can take to help combat the risk of being scammed.

“Effective management procedures can go a long way towards preventing scams, so all businesses should firstly be aware these scams exist and that their staff know about them too,” Ms Rickard said.

“They should consider a multiperson approval process for transactions over a certain dollar threshold and keep their IT security up-to-date with anti-virus and anti-spyware software and a good firewall.

“Businesses should also check directly with their supplier if they notice a change in account details. It’s vital businesses don’t do this just by return email or using other contact details provided. Find older communications to ensure you have the right contact details or otherwise independently source them, so they can be sure they’re not contacting the scammer,” Ms Rickard said.

Emma Musgrave

Emma Musgrave

Emma Musgrave (née Ryan) is the managing editor, professional services at Momentum Media.

Emma has worked for Momentum Media since 2015, including five years spent as the editor of the company's legal brand - Lawyers Weekly. Throughout her time at Momentum, she has been responsible for breaking some of the biggest stories in corporate Australia. In addition, she has produced exclusive multimedia and event content related to the company's respective brands and audiences. 

Prior to joining Momentum Media, Emma worked in breakfast radio, delivering news to the Central West region of NSW, before taking on a radio journalist role at Southern Cross Austereo, based in Townsville, North Queensland.

She holds a Bachelor of Communications (Journalism) degree from Charles Sturt University. 

Email Emma on: This email address is being protected from spambots. You need JavaScript enabled to view it. 

Tags
You need to be a member to post comments. Become a member for free today!