Beware third party attacks

Midland Reporter, 6.9.16

SCAMMERS are carrying out research into people at various organisations and either hacking computers or impersonating email accounts in a fraud known as a “man in the middle” attack.

Consumer Protection and WA Police Major Fraud Squad warn anyone making payments to third parties to be aware of the increased frequency in attempts to intercept money.

WA commercial businesses and not-for-profit organisations have lost at least $W,000 over the past two years, according to reports made to WA ScamNet at Consumer Protection. In Queensland, Brisbane City Council lost $450,000 to this type of scam.

These attacks are sophisticated and may involve:

  • internet research into your organisation and any goods or service suppliers used;
  • convincing phone calls to find out who deals with finance matters; -and,
  • emails containing links or attachments that when opened download ‘spyware’, giving the offenders access to information on computers or mobile devices.

Verify any payment requests received via email from people within the organisation and third party suppliers. Ideally, the conversation should be taken off email and a known person spoken to on the phone or in person.

Run a virus scan on any computer that has received a suspicious email. In some recent reports the targets realised before it was too late. You can learn from them.

Anyone impersonated or targeted may have been the victim of hacking. All parties need to have their devices checked by a reputable technician to ensure any spying software is removed and that Protection, such as firewalls and anti-virus programs, are up-to-date and working.

Organisations targeted by man in the middle scams” can report the details to WA ScamNet by calling 1300 30 40 54. In certain circumstances there may be a referral to police. Successful fraud attempts can be reported to the WA Police Major Fraud Squad on 131444.

Further details, including local victim case studies and tips to prevent an attack, are at You can do your bit in the fight against scammers by sharing that short link via social media or email. As you can appreciate, the audience for this warning is huge, with literally all WA organisations at risk. We welcome any help to spread the word.