Hackers targeting businesses' emails in sophisticated scam

The latest warning from Scamwatch.


A post was merged into an existing topic: Scamwatch Advisories

Another article regarding an email scam.

You just have to love the incompetence and attitude of the bank.

Which bank? Yep, those grubs once again.


1 Like

We get maybe 10-15 (relatively sophisticated) scam emails a day, ranging from those who want to provide free services to improve our website/email systems (of course they need access to one’s website/email server), phantom tax invoices (some in self-executable compressed formats), zero interest business loans (from financial institutions that don’t exist or have @gmail.com reply emails) and the list goes on.

They tend to evolve quickly and change every few days to every week. I suspect they evolve quickly to try and get around email/spam filters.

One has to be on their guard and if one doesn’t understand the consequences, it could be very easy to provide backdoor access to scammers/online criminals.

One thing to do is never open emails from unknown sources. We have also started using a separate private email address (non-business and not advertised online) for any significant business transactions to reduce the risks. To date, this address has remained clean and hasn’t been pwned. Once it does, we will create a new one for the same purpose.

The challenge is the banks and other customers are often part of or also victims of the crime.

As indicated in the report, money is often laundered through legitimate bank customers who have fallen victim to the scammers/criminals, either by thinking they can make quick money by allowing and transferring on deposits or having their online bank account compromised.

The banks however need to ensure any business account set up is legitimate…which can be difficult as getting ABNs and setting up sham businesses is very easy…and such information often forms the basis for the account being created. This has been touched on in other threads.

And, if a business changes any banking or business details, call them on the numbers you already have (not the number attached to the updated details) to verify.

1 Like

"Local police officer, Detective Leading Senior Constable David Morrison, is now trying to figure out who’s behind the web of Australian bank accounts used to funnel the money overseas.

“Unfortunately at this stage, I have not been able to identify the account holder of the offending account, and it is possible the account was opened online under a false name and address,” he told the ABC in a statement."

How does someone open an account online? Last time I opened an account it was only possible if you fronted up at a branch with supporting id info.


I was wondering the same thing as well. The banks require valid identification to open up a bank account and also one must visit the branch for it to be authenticated. Even Commonwealth has such requirements:


even new arrivals to Australia have the same requirement:


I read this statement as a ‘theory’ as the words ‘it is possible the account’, rather than based on evidence. As outlined above, it could be a legitimate account hacked or account used to launder monies. It could also be that the account is a dormant account opened by someone (say for a temporary stay in Australia) and has been hacked or used by someone else for criminal purposes.

Some online savings accounts once could be set up online if they were linked to an Australian bank account where authentication of the account holder had been done by the bank with the linked account (e.g. ING where ING used authentication of the linked Australian bank account as evidence of verification). I am not sure if this is still possible.


It is just as easily Identity theft, not a hacked account but an account opened using “stolen” identification data. Stolen meaning acquired using any means that purloins the data. So someone opens an account using false ID then siphons the money from scams deposited into it off to places unknown. The Bank would have no idea then who the “real” owners were, they might be able to trace the funds transfers to some point but once removed from accounts then the trail would be much harder to find.


This is another example of how hackers phish for passwords to hack and use business emails for criminal purposes (exactly as received, with links and domain name removed):

To; Info
Your incoming messages are now queued up and pending delivery because your address has not been validated by Icloud, Gsuite & Office365 mail delivery servers.
You are required to validate your address info@yourdomain.com to restore normal email delivery.

Validate info@your domain.com Now

Please note:

  • Login with this eMail info@yourdomain.com password to validate in a secure and encrypted manner.

Once Validated Your Email Delivery Would Be Working In Less Than 1 Hour.

YourDomain ISP Gateway
This is a mandatory service communication for info@yourdomain.com
If you no longer wish to receieve this email [Unsubcribe Now](Link goes to a tracking website)

1 Like

Another email scam.

1 Like