You have heard it before, but … watch out for SCAMS!

Written By Leonie Attrill

Let us share with you the recent experience of one of our clients.

An email was sent to the general reception email for the business from the owner of the business. The email stated that the owner was looking for assistance from the receptionist with buying some surprise presents for other staff to reward them for their good work. As part of this, the receptionist needed to keep the purchases a secret and not discuss them with any other person within the business.

The email sent was very convincing. It looked like a business email, even using the same font the owner would use for their ‘signature’.

As part of the weekly stationery run, the receptionist was asked to purchase gift cards from a national retailer. The ID number was then to be emailed to the owner for actioning. This occurred on 1 occasion. The problem was, of course, that the ‘owner’ being emailed was not actually the owner!

Before it could happen again, a chance discussion between the receptionist and the real owner about using the businesses credit card to purchase gift cards alerted them to the fact that a scam was in process. No further purchases were allowed and loss was minimised.

So, what steps could or should have been taken to help prevent this? Here are some suggestions:

 1)    Openly discuss with staff the need to be on the lookout for scams

 2)    Encourage staff to bring anything that looks suspicious forward

3)    Check the actual email address. It is usually clear that it is not from a key person associated with the business, even if it looks very convincing – e.g. instead of JoeSmith (joesmith@thebusiness.com.au) it will appear as JoeSmith (joeWXgy765@live.com)

4)    Review the language used in the email. In this case, the use of English was not quite appropriate, nor the normal way the owner would have expressed such a message

5)    Review your processes with your IT adviser. It may be that you can flag warnings with particular email addresses so that staff know what to look for

6)    Make it clear to staff that any expenditure – ANY AT ALL – is to be approved directly and verbally by those with authority within the business. No instruction received only by email is to be acted upon

7)    Review your insurances with your insurance broker. These days, both fraud and cyber insurance are able to be secured, so assess what your needs are

If you take these steps, your staff will feel far more at ease about approaching management to flag concerns, and you as the owner will know that you have taken appropriate measures in risk minimisation.

 Please feel free to call Samantha Hansen on (08) 8941 6355 or email sam@bowden-mccormack.com.au should you wish to discuss any business legal issues.

Leonie Attrill
Previous

Buying a property? 3 Key Steps to a Calm Transaction!
Next

Conveyancers & brokers – key members of your property buying team!