BEC and remote access scams costing Aussies $86M

Both AFP and ACCC warn of rising scams in Australia.

Business email compromise (BEC) scams generated more than $79 million in financial losses during the past 12 months, partly driven by remote working. 

According to the Australian Federal Police (AFP), more than 3,300 incidents of BEC have been reported to the Australian Cyber Security Centre (ACSC) in the last 12 months, with more than half of these resulting in financial losses.  

BEC usually occurs when cyber criminals intercept legitimate emails or invoices from known transaction partners and change banking details to include fraudulent payment information. 

This is usually done to redirect legitimate fund transfers to accounts controlled by the criminals.

In September 2020, an Australian business almost sent a payment of $519,545, followed by another payment of $2,148,938, to a Singaporean bank account after falling for a BEC scam.

The BEC was discovered after the second transfer. The affected business immediately reported the matter to NSW Police via Report Cyber, who then notified the AFP to intercept the transferred funds. 

“If you are transferring money online do your due diligence, ensure you are comfortable that you are sending the money to the correct person and account,” said AFP commander of cybercrime operations Chris Goldsmid. 

“If you think an email is suspicious, make further enquiries. Call and check directly with the business or organisation you are dealing with. It is reasonable to ask questions to protect yourself or your company.” 

The AFP warning comes as the Australian Competition and Consumer Commission’s (ACCC) Scamwatch issues a warning against remote access scams, in which criminals dupe people into allowing access to their personal devices.

According to the ACCC, more than 6,500 Australians reported computer takeovers to Scamwatch in the last 12 months, with more than $7.2 million reportedly paid to scammers. 

These scams usually feature well-known organisations such as Telstra, eBay, NBN Co, Amazon, banks, government departments, police, and computer and IT support.  

“They create a sense of urgency to make you give them access to your computer via remote access software,” the ACCC said. 

The ACCC added that people aged 55 and older lost over $4.4 million, accounting for almost half of total losses. Young people reported losses averaging $20,000, while eight Indigenous Australians, including some in remote communities, lost a total of $38,000.

“Remote access scams are one of the largest growing scam types in Australia. Scammers take advantage of the digital world and the fear of fraud and cyber crime to access people’s devices and steal their money,” ACCC deputy chair Delia Rickard said. 

Remote access scams usually start with an unexpected phone call saying you’ve been billed for an unknown purchase and your device has been compromised, or your account has been hacked.

Sometimes they start with an SMS, email or pop-up on a screen from a scammer seeking urgent contact to fix a problem.

Claiming to assist the victim, scammers then tell users to download remote control software such as AnyDesk or TeamViewer.  

Once the scammer has control of your computer or device, they will ask you to log into applications such as email, internet banking or PayPal accounts, which allows the scammer to access your banking and personal information to impersonate you or steal your money.

“It is really important not to let anyone who contacts you out of the blue access your devices, as once you give them access, you have no way of knowing what the person will do to your computer or what programs they may install,” Rickard said. 

“If you receive contact from someone claiming to be from a telecommunications company, a technical support service provider or online marketplace, hang up. If you think the communication may have been legitimate, independently source the contact details for the organisation to contact them.

“Don’t use the contact details in the communication. Also, don’t click on any of the links.”