Have you ever received an email that just didn’t seem right to you?
The MTA’s Financial Controller was expecting to receive an invoice from a business via email, however when he opened the email, he realised something wasn’t quite right and took the correct steps to immediately ensure the safety of our systems.
- The email had no specific subject addressing what the email was about, simply, “Please see attached”.
- The email was not addressed to a specific person and was BCC’d to other people.
- The attachment was in a Word format, not the usual format the company sends attachments.
As a precaution, our Financial Controller did not open the attachment and telephoned the company who sent the invoice asking for an email that accurately described what the invoice was for, who it was addressed to, not to BCC anyone on it for security reasons and for it to be in a PDF format, not Word. The company re-sent as per his instructions.
The company followed up with an email to their customers later that morning advising that a virus was in fact distributed in the original email’s attachment.
This is a lesson for all businesses to take note of:
- Check for spelling mistakes or suspicious attachments before opening them. If they aren’t in a format you are expecting, ask the person to confirm and re-send.
- Exactly who has sent an email to you? One particular method of scamming businesses or individuals out of money is for a scammer to create an email address with the name of someone in your company but the actual address is different. Always check the name and address of the sender and if they don’t match up, it’s a red flag!
- Always confirm and re-confirm directly where there are any changes to banking details
Many businesses across Australia are falling victim to scams and hacks that can be avoided simply by checking everything carefully that’s sent to you. If it looks suspicious, it probably is!
If you have fallen victim to a scam or hack, you can report it to the MTA’s Workplace Relations team by clicking here.