Check those banking details!

Every week as I write these blogs, somewhere there are a bunch of well-educated fraudsters using their skills to find a new way to defraud you of your hard-earned money. To be honest the technology fraudsters are using is mind boggling, we regularly see Facebook profiles being hacked and fraudulent adverts being placed on social media but there is a new scam doing the rounds that normally targets big business but has recently found its way right down to consumers paying for motorcycles.

A customer called me recently for advice who had unfortunately been a victim of cyber fraud. The customer was purchasing a motorcycle from a well-known dealership and requested the OTP and banking details over mail so that he could make payment. The salesman sent the customer the correct banking details to the customer in a PDF format and when the customer received the mail he promptly made payment. Unbeknown to the customer the dealership was being targeted by cyber criminals who were able to intercept the email/bank details before it reached the customer, change the bank details (even though it’s a PDF document) and send it on to the customer within minutes.

When the customer made payment the funds obviously were not paid into the dealer’s bank account but into another account that the fraudsters had chosen. The customer was obviously horrified that the details sent to him were fraudulent and the dealer, although sympathetic was not at fault as the details they sent were correct. Unfortunately, the customer did not get his bike. I still don’t fully understand how fraudsters/criminals are able to do this, so I asked my IT company to assist the customer by showing him how it had happened and how these fraudsters are able to intercept mails and change banking details, it’s scary how sophisticated these criminals are.

The tip this week is that when doing an EFT to a private individual or a reputable company, confirm the banking details with an authorised person telephonically before making payment as the details emailed to you may have been changed.