Scams, whose fault?

[The Triangle]

Really beyond belief how people keep falling for stuff like this.

Exactly - beyond belief. Can the ABC verify any of the facts? The specifics of this story seem very fake. Nearly an identical article in the WSJ a few weeks ago and before that it was on Forbes.

If stories like this were fully true, wouldn't you think there would be a line like 'I went to visit Anthony at his home Paramatta where he showed me the websites he used to try and tack down his money' or something like that.

Are these scams real? Probably. Is the reporting real? Hmm.... At least 20 articles on the internet written in the past month - most are just the same story with different names.

A Text Scam Called ‘Pig Butchering’ Cost Her More Than $1.6 Million

Scammers are swindling professionals with friendship to generate fake cryptocurrency investments.

www.wsj.com

 

[basilio]

Exactly - beyond belief. Can the ABC verify any of the facts? The specifics of this story seem very fake. Nearly an identical article in the WSJ a few weeks ago and before that it was on Forbes.

If stories like this were fully true, wouldn't you think there would be a line like 'I went to visit Anthony at his home Paramatta where he showed me the websites he used to try and tack down his money' or something like that.

Are these scams real? Probably. Is the reporting real? Hmm.... At least 20 articles on the internet written in the past month - most are just the same story with different names.

A Text Scam Called ‘Pig Butchering’ Cost Her More Than $1.6 Million

Scammers are swindling professionals with friendship to generate fake cryptocurrency investments.

www.wsj.com

If you read the article in full it would have been clear that this scam is meticulously crafted. Scores of people in offices on computers are following scripts to start, cultivate and process relationships where they clean people out. The story will be very similar across all countries because the script and process is so well honed.

It is very good. It is very effective. It is psychologically brilliant. You have meet a really smart, interesting successful woman on the net who truly likes you and gets you. This is not just a hot woman. It's a far more compelling story.

The dropped line about her uncle helping her to invest. Inspired.

So I can totally understand how hundreds,perhaps thousands of men have been taken to the cleaners. And naturally this highly effective scam has created huge attention and resulting stories. The back story of teh people forced into this process is also very ugly.

What Is 'Pig Butchering,' the Crypto Scam That's Flooding the FBI's Phone Lines?

The con is a bizarre mashup of a romance scam and an investment scheme.

www.gizmodo.com.au

How A Pig Butchering Scam Works

The term Pig Butchering (or Pig Slaughtering) Scam should disgust most people once they find out what it is. Like a pig before being slaughtered, scam victims are ‘fattened’ before the kill. This scheme takes the scams it stands upon to the next level in evilness and victim loss, also being...

www.fraudwit.com

 

[The Triangle]

If you read the article in full it would have been clear that this scam is meticulously crafted. Scores of people in offices on computers are following scripts to start, cultivate and process relationships where they clean people out. The story will be very similar across all countries because the script and process is so well honed.

It is very good. It is very effective. It is psychologically brilliant. You have meet a really smart, interesting successful woman on the net who truly likes you and gets you. This is not just a hot woman. It's a far more compelling story.

The dropped line about her uncle helping her to invest. Inspired.

So I can totally understand how hundreds,perhaps thousands of men have been taken to the cleaners. And naturally this highly effective scam has created huge attention and resulting stories. The back story of teh people forced into this process is also very ugly.

What Is 'Pig Butchering,' the Crypto Scam That's Flooding the FBI's Phone Lines?

The con is a bizarre mashup of a romance scam and an investment scheme.

www.gizmodo.com.au

How A Pig Butchering Scam Works

The term Pig Butchering (or Pig Slaughtering) Scam should disgust most people once they find out what it is. Like a pig before being slaughtered, scam victims are ‘fattened’ before the kill. This scheme takes the scams it stands upon to the next level in evilness and victim loss, also being...

www.fraudwit.com

There are 2 things here. I agree this is an effective and well executed scam for those who are dumb enough to fall for it. But philosophically I wouldn't go so far as to call it brilliant until we have proof that brilliant people are scammed. Fundamentally this is just a repackaged online romance scam which has been going on for long enough for people to not get scammed anymore. Adding crypto to the scam should send off warning alarms... but suppose there is always going to be a small % of the population who let lust and greed drive their stupidity. Now - if these people were meeting up in person as well... then it's a different ball game.

The second thing is that I felt that there was a good chance the ABC (via triple J...) article was possibly fake and that 'Anthony' does not really exist. I could be wrong (I accept I have no proof), but it's well known in internet circles that Australian media producers and writers are rampant when it comes to trolling though sites like Reddit (and probably here too) and American media to generate the non-stop churn of articles which are required to maintain clicks online. Those two links you posted are in my opinion far better explanations of what is happening, and you'll note that they were dated from several months ago which is when these 'pig butchering' articles got a run across all the American media sites. If I had a school project to write an article on this scam, I would have come up with exactly what the ABC came up with.

 

[basilio]

Heads up for anyone running a business. The current scam is around crims intercepting legitimate accounts from a business supplier and then changing them to direct payments to their own account.

Email invoice scam targets Victorian farmers, with 'insane' amounts of money lost to criminals​

ABC Rural
/ By Luke Radford and Sarah Lawrence
Posted 4h ago4 hours ago, updated 1h ago1 hours ago

Farmers are being targeted by scammers sending fake invoice emails. (Source: Jcomp/Freepik)
Help keep family & friends informed by sharing this article

Businesses are being urged to be on the lookout for email scams, with a rise in hackers targeting people with fake invoices.

Key points:​

• Scammers have been targeting Victorian farmers with fake invoices that appear to be from regular suppliers
• Bendigo lawyer Sarah Gee has seen businesses lose "insane" amounts of money to scams recently
• She advises people not to use phone numbers in suspected scam emails to follow up and to look up contact details elsewhere

'Almost impossible to detect': Huge sums of money lost to invoice email scam

Farmer Rebecca Hamilton received an invoice that appeared to be from a regular supplier. Paying it would have been a $24,000 mistake.

www.abc.net.au

 

[Smurf1976]

Customers of Origin Energy are being targeted at the moment.

In short, the scam involves a text message or email saying your account is marked as unpaid and with a link for payment.

Needless to say, that link doesn't result in you paying money to the real Origin Energy.

Origin Energy itself is legit, for anyone not aware it's an ASX listed company and a substantial one at that, but the text or email requesting payment is a scam.

 

[basilio]

Please check this story out. A very clever fraud perpetuated on a person who was scrupulously careful with her online security.
In a nutshell fraudsters had created a new My Gov account and created bogus transactions to receive tax refunds. I;'m guessing a number of ASF posters would fall into the category of "Sue"

Unfortunately the wheels of the ATO and other government agencies are not moving quickly enough to catch these perps or protect citizens.

Fake myGov profiles are being used to hack ATO accounts. Sue found this out the hard way​

ABC Investigations
/ By Sarah Curnow
Posted 11h ago11 hours ago, updated 10h ago10 hours ago

What began as a routine meeting with Sue's accountant spiralled into a month-long nightmare.(ABC News: Kyle Harley)
Help keep family & friends informed by sharing this article

"Congratulations on selling your Footscray house," an accountant told Sue* last month while the pair were discussing a routine tax return.
The comment was baffling. Sue didn't own a house in Footscray.

But according to her Australian Tax Office (ATO) records, not only did her supposed inner-Melbourne home go under the hammer but her return had already been lodged.

In fact, more amendments had been put through on previous years' tax returns and one more was still pending.
As Sue and her accountant pored over the details on his screen, a horrifying realisation set in. Someone had accessed her account, impersonated her, and fraudulently lodged five refunds from the ATO amounting to $25,000.

Amid the high-profile data breaches involving Medibank and Optus, she thought perhaps she was the victim of an unreported major government agency breach.

The truth was far more complicated.

Through Sue, ABC Investigations has uncovered a vulnerability in the myGov and ATO systems which is being exploited by cybercriminals to defraud the taxpayer.
It's a loophole which no amount of careful management of your online activity can prevent.

When Sue's accountant congratulated her on selling a home she'd never owned, a horrifying realisation set in

A routine meeting with her accountant turned into a nightmare for Sue. The retiree is a model citizen for digital security hygiene, but her caution wasn't enough to protect her identity from hackers exploiting this loophole.

www.abc.net.au

 

[explod]

Struth, can it be resolved?

 

[sptrawler]

Struth, can it be resolved?

Avoid myGov, if you can. ?

 

[SirRumpole]

Please check this story out. A very clever fraud perpetuated on a person who was scrupulously careful with her online security.
In a nutshell fraudsters had created a new My Gov account and created bogus transactions to receive tax refunds. I;'m guessing a number of ASF posters would fall into the category of "Sue"

Unfortunately the wheels of the ATO and other government agencies are not moving quickly enough to catch these perps or protect citizens.

Fake myGov profiles are being used to hack ATO accounts. Sue found this out the hard way​

ABC Investigations
/ By Sarah Curnow
Posted 11h ago11 hours ago, updated 10h ago10 hours ago
View attachment 150616
What began as a routine meeting with Sue's accountant spiralled into a month-long nightmare.(ABC News: Kyle Harley)
Help keep family & friends informed by sharing this article

"Congratulations on selling your Footscray house," an accountant told Sue* last month while the pair were discussing a routine tax return.
The comment was baffling. Sue didn't own a house in Footscray.

But according to her Australian Tax Office (ATO) records, not only did her supposed inner-Melbourne home go under the hammer but her return had already been lodged.

In fact, more amendments had been put through on previous years' tax returns and one more was still pending.
As Sue and her accountant pored over the details on his screen, a horrifying realisation set in. Someone had accessed her account, impersonated her, and fraudulently lodged five refunds from the ATO amounting to $25,000.

Amid the high-profile data breaches involving Medibank and Optus, she thought perhaps she was the victim of an unreported major government agency breach.

The truth was far more complicated.

Through Sue, ABC Investigations has uncovered a vulnerability in the myGov and ATO systems which is being exploited by cybercriminals to defraud the taxpayer.
It's a loophole which no amount of careful management of your online activity can prevent.

When Sue's accountant congratulated her on selling a home she'd never owned, a horrifying realisation set in

A routine meeting with her accountant turned into a nightmare for Sue. The retiree is a model citizen for digital security hygiene, but her caution wasn't enough to protect her identity from hackers exploiting this loophole.

www.abc.net.au

That's a pretty terrible story, and one that could happen to anyone.

What is Clare O'Neill doing about it ?

Talking tough but little else it seems.

 

[sptrawler]

That's a pretty terrible story, and one that could happen to anyone.

What is Clare O'Neill doing about it ?

Talking tough but little else it seems.

Yep with all this data collection that goes on, we are all only one hack from being cleaned out, how many times do you need to do a face to face identity check these days.
What protections are in place if you do lose everything, you pay for an institution eg bank, super fund, share register to hold your wealth, is their any recourse if someone hacks your account and takes your assets ?
Convenience is a double edged sword, it makes it easier for you to access your money, but it also makes it easier for everyone else. ?

 

[InsvestoBoy]

That's a pretty terrible story, and one that could happen to anyone.

What is Clare O'Neill doing about it ?

Talking tough but little else it seems.

Speaking as someone who has built a career in information security and has worked in senior infosec roles for banks, telcos, US tech companies, etc... she has done more in the brief period Labor has been in power than the entire time Dutton held the reigns of Home Affairs.

The marriage of AFP with ASD in the form of a 100 person unit is game changing, but you are not going to hear about its results in the press, that is by definition how ASD operates.

National security boffins to rally around major reset on resilience, migration, cyber and democracy policy

Clare O'Neil describes the reset of Australia's national security direction as a mammoth task for the nation’s public servants.

www.themandarin.com.au

Careful readers of the article will note that one of the issues that caused this to happen was raised by the ABC in a previous article in 2020, again under the remit of the tough talking potato. The main issue, which the ABC does an admirable job of burying the lede on, is that this lady somehow lost control of her TFN and that's really what the attackers used to pull this off.

 

[basilio]

Speaking as someone who has built a career in information security and has worked in senior infosec roles for banks, telcos, US tech companies, etc... she has done more in the brief period Labor has been in power than the entire time Dutton held the reigns of Home Affairs.

The marriage of AFP with ASD in the form of a 100 person unit is game changing, but you are not going to hear about its results in the press, that is by definition how ASD operates.

National security boffins to rally around major reset on resilience, migration, cyber and democracy policy

Clare O'Neil describes the reset of Australia's national security direction as a mammoth task for the nation’s public servants.

www.themandarin.com.au

Careful readers of the article will note that one of the issues that caused this to happen was raised by the ABC in a previous article in 2020, again under the remit of the tough talking potato. The main issue, which the ABC does an admirable job of burying the lede on, is that this lady somehow lost control of her TFN and that's really what the attackers used to pull this off.

Well that is interesting. Sounds like Clare O Neill is taking some decisive action.
The fact that the woman "lost control" of her TFN is disturbing. I think finding someones TFN is probably relatively easy. If it only takes a scammer your TFN number to effectvely takeover your My Gov account that is a very big hole.

 

[SirRumpole]

Speaking as someone who has built a career in information security and has worked in senior infosec roles for banks, telcos, US tech companies, etc... she has done more in the brief period Labor has been in power than the entire time Dutton held the reigns of Home Affairs.

My apologies to Ms ONeill.

So is anyone responsible for the data breach and theft of TFN in this case ? The ATO ?

 

[InsvestoBoy]

My apologies to Ms ONeill.

So is anyone responsible for the data breach and theft of TFN in this case ? The ATO ?

How far down the rabbit hole do you want to go?

Theft of TFN, shrug, it could be any party that had accessed to it was hacked, for example the very tax agent the story starts with may have been the source of the TFN after their secretary clicked a link and got hacked by someone in Eastern Europe.

Who's responsible for the ATO sucking? If you asked me I would be starting with the literal thousands of staff the Abbott government cut in 2014 for "budget savings".

 

[Belli]

This isn't about a scam as such but highly deceptive retail advertising.

Before Christmas I ordered online some goods from a retailer. It has bricks and mortar stores in a number of States as well. It was pretty simple add to cart and pay process. No indication at all of any problems. Lo and behold a few days later an email was received which stated due to a spike in sales they had oversold the product and due to various (fabricated Covid supply issues?) reasons could not give a time frame as to when the goods will be available . In compensation for the wait, they offered a discount voucher to spend on other goods. However, there was a remark in the fine print that acceptance of the offer meant I would remain on the wait-list for the goods. Does it imply if I didn't accept the offer I wouldn't be on the wait-list and may not ever receive the goods?

I blew up and let loose with a blast regarding deceptive advertising as the web-site implied the item was available for shipping and accepting orders with no indication the goods were not in stock, which would have been know to the company. As well, the company would also have been aware there were supply issues.

Chargeback of funds has now been made.

A quick search on the web on reviews about the company indicated that over 30% of the reviews were complaints about the company's customer service and a high proportion of those were of a similar nature to the issue I encountered. Also discovered the company had been taken to court over false advertising by the ACCC some years ago which won and a fine was paid.

That doesn't seem to have changed the ethos of the company it would appear.

 

[noirua]

The four stages of a scam​

Our report also identified the common stages of an APP scam, from when the scammer first contacts a potential victim to the victim realising they’ve been defrauded.

1. The opportunity Scammers contact potential victims. They often have greater success if the victim is experiencing a vulnerable period in their life. The case studies interviewed as part of our research were often suffering significant distraction, acute stress or serious emotional strain, making it easier for fraudsters to scam them.
2. The scam Fraudsters create a credible fake story to target victims, such as being a bank staff member, an investment expert, a seller of goods or a romantic interest. Scammers use imitation to appear more believable. Tactics include spoofing phone numbers or using fake reviews to create credible online ads. Scammers build a relationship with the victim through appearing to be likeable and establishing similarities.
3. The payment Scammers create an overwhelming sense of urgency, leaving victims little time to double-check details and manipulating them into dismissing warnings from their bank, family members or friends.
4. The aftermath The victim realises that they’ve been scammed, often causing feelings of distress and shame. Too often, banks and the police don’t deal with the situation well, leaving the victim in a further state of stress. On many occasions, the victim isn't reimbursed for their losses.

 

[basilio]

Something new and quite significant in scam emails. Apparently scammers can now slip a scam message and connection in a legit business thread.
For example you may receive texts from Australia Post regarding a parcel. The next text you get from Aust Office under all the other messages could be a con..

Scammers can slip fake texts into legitimate SMS threads. Will a government crackdown stop them?

A new proposal aims to prevent SMS scams by introducing a national SMS sender ID registry.

theconversation.com

 

[basilio]

Complex story on 4 Corners. They investigate REvil which the ransom ware company that has been strikingly successful in penetrating Stae and Business enterprises and extracting millions in return for not destrying or releasing the organizations data.

REvil is a Russian organisation and Russia has now directed it to undermine Ukraine assets.

Chatting with a hacker​

By Jessica Longbottom, John Lyons, and Jeanavive McGregor

Four Corners
Updated 17 Apr 2023, 11:02am
Published 17 Apr 2023, 4:26am
What would you say to the person who stole your personal data, held it ransom and posted it on the dark web?

The people behind the cyber attacks on Australia are highly organised criminal gangs, often based in Russia, with dozens of employees and even HR departments.

Authorities are still tight-lipped about who carried out last year’s Medibank hack that left the personal details of millions of Australians exposed on the dark web.

However, security researchers have linked the attack to REvil — one of the most successful cyber gangs of all time.

With the help of those researchers, we spoke to a hacker who says he’s worked for them.

Known as “Kerasid”, he agreed to chat on an encrypted service.

'Australians are the most stupidest humans': We asked a hacker why they target us

A hacker — who claims to have been part of one of the world's most successful gangs — tells us why Australia is a target and laughs at the distress caused by the Medibank data breach.

www.abc.net.au

 

[Belli]

I have noticed in the media an increasing prevalence of reporting on individuals who have been scammed along with claims the banks shouldn't have allowed it and the victim should be compensated. I do consider financial institutions should improve their detection processes. Most have broad advice on their web-sites what to look out for in regard to scams but maybe people cannot be bothered reading it or attempting to find it even if they have accounts with the bank.

While I think scammers are the scum of the earth and I have a great deal of sympathy for those who have lost money, sometimes their life savings, I also have a nasty side and have a view the person is at fault to some extent. I know it's a harsh attitude but compensating all will mean the cost will eventually be passed on to everyone.

Should you receive a call supposedly from a bank why not hang up and actually call the bank on its official number to verify? I get it to some extent because in the heat of the moment.

Examples.

When Trina was scammed out of $114k, all her bank could do was offer her an information pack

Trina thought she was talking to her bank's fraud unit. Within minutes she had lost $114,000 to a scammer. As a new report from ASIC reveals the extent of such scams, victims are calling for banks to be more accountable.

www.abc.net.au

Two banks detected suspicious activity in Sarah's accounts. Only one blocked the scam

After Sarah was robbed of her life's savings, she entered a lengthy dispute with her bank to get her money back. She says she was treated rudely and, after months of fighting, she only got a fraction back.

www.abc.net.au

I've had calls purporting to be from the ATO, the banks I use, offers of investment opportunities and a host of other matters. My response, if I bother to answer the call, is to say "F*&% off." and hang up. As for emails or texts; delete. Recently had one from Reckon. I've never used its product.

 

[StockyGuy]

Whenever someone gets scammed people may harp on about the banks doing more to prevent it, but very few customers have much appreciation of all the false positives that occur when you ratchet up the security levels. People expect any time they use their card, for any amount available, it works; or when they do a funds transfer it hits the recipient's account with seconds. They don't want safe daily limits or delays or blocks until validity or identity is confirmed. They typically won't rejoice at having their internet banking temporarily disabled due to their login from a completely different IP address.

Increased security can mean you'll be contacted by the bank's fraud team for many more things. You'll also be more limited in the way you can use your money. The public don't typically want that, unless perhaps they've personally lost money to a scammer / fraudster.