Email communications between a home buyer and settlement agent were hacked last month, resulting in the hefty loss for the property purchaser.
According to a statement from Western Australia’s Consumer Protection division, the woman lost approximately $732,000 due to the “payment redirection” scam, which saw email communications between herself and her settlement agent intercepted in relation to the purchase of a Beaconsfield property.
It was reported that just last month, the home buyer received an email with “authentic-looking documents” attached from whom she thought was her settlement agent asking that the money be deposited into a bank account prior to settlement.
That message had come via a generic Hotmail email address, which used the agency’s name. According to Consumer Protection, the scammers had sent the buyer a fake email pretending to be the settlement agent, substituting the bank account details with one that they control.
Earlier emails from the real settlement agent were said to have contained scam warnings to clients of the agency.
The scam was uncovered prior to the carrying out a final inspection of the property, when the real settlement agent reminded the buyer about making the payment.
Consumer Protection has warned that such stings will often target high-value financial transactions such as real estate purchases and business contracts.
Not even five full months into 2022, Consumer Protection has highlighted a total of nine victims who have reportedly lost a total of $1,015,129 to payment redirection scams – three victims of which were involved in property transactions.
It also means 2022’s losses in the property sphere already eclipse 2021 figures, when eight victims lost a total of $168,000 to property transaction scams.
Consumer Protection executive director Trish Blake has urged people to be suspicious of emails that ask for a payment of money or advise of a change in bank account details when a transaction is set to take place.
“The losses from these scams can be extremely devastating to the victims who may have lost their home deposit that they have been saving for many years and may not be able to buy the home of their dreams,” she shared.
“Or it may be a business doing it tough that can least afford to lose such a large amount of money.”
She noted that while these scams usually involve the hacking into someone’s email account or computer system, “it can be difficult to determine exactly where the hack has occurred”.
“The hackers may have successfully guessed the password or installed spyware or malware on computers or laptops after recipients open attachments or click on links in scam emails,” she explained.
Ms Blake has advised businesses to warn their clients or contractors about the potential for payment redirection scams and train their staff to be “scam aware”.
In addition, “choosing a difficult to guess password and changing them often can reduce the risk of being hacked, and not opening attachments or links in suspicious emails is essential in keeping computers secured”.
She also aired suspicions around the use of unsecured Wi-Fi connections – whether it be in homes or in public places, which “may provide scammers with a window of opportunity to break in”.
“Especially with many people working from home at the moment, they need to ensure that a secured network is being used and they have up to date virus protection software,” she said.
In light of the recent scams, Western Australia’s Consumer Protection has offered a number of tips that can protect businesses and individuals against predatory action.
- Verify email addresses
Check that the email address is genuine.
“This may involve opening the email and meticulously checking each letter, as often scammers will create an email address with just one character changed,” Consumer Protection said.
- Be mindful of generic service providers
Consumer Protection advises individuals and businesses to be “particularly suspicious if the message comes via a generic email service provider such as Gmail or Hotmail”.
- Confirm authenticity of requests
“Call the sender to confirm the authenticity of the request and the account details, using previously known contact numbers or independently find out with an internet search or go to their official website for contact information,” it said.
- Do not use contact details in an email
They may be fake and put you in touch with the scammers.
- Don’t reply; Hit forward instead
Consumer Protection urges people to use the forward button instead of reply and manually type the address or select it from your address book instead of hitting “reply”.
- Personally verify account details
Consumer Protection encourages anyone making a transaction to go to the trader’s store or office to personally verify the details before making payment, if possible – and especially if a large amount of money is involved.
- Use multifactor authentication
“Consider setting up multi-factor authentication on all online accounts such as email, bank and social media,” the Consumer Protection agency advised.
ABOUT THE AUTHOR
Grace is a journalist across Momentum property and investment brands. Grace joined Momentum Media in 2018, bringing with her a Bachelor of Laws and a Bachelor of Communication (Journalism) from the University of Newcastle. She’s passionate about delivering easy to digest information and content relevant to her key audiences and stakeholders.