Search Results

Share Article:

Facebook Twitter Linkedin Mail

Tag: scams

A solution to reduce scam calls across Australia

Cyber Security Consumer

Posted on September 16, 2019

5 min read

Getting suspicious calls on your mobile from faraway countries or long-lost relations is nothing new – everyone is aware of phone scams. We believe there’s more that our industry can do to reduce the number of scam calls in Australia, and we know that a fix is well overdue.

Scam calls are frustrating, particularly to those who may fall prey to one or more of the scams currently in circulation. What might just seem like an annoying phone call for you can turn into money for scammers, too – whether it is through convincing you to share personal information that can then be used for fraud, or by engineering a call to a premium number that charges high rates.

A technology and industry solution

There are some things that telcos can do to reduce the number of scam calls that reach our customers. We don’t let our customers in Australia use fake numbers, for example, which makes it very difficult for scammers to operate from Australia. We also block calls using numbers that are known to be used for scam calling.  As an example of how prevalent scam is – we block millions of scam calls from reaching our customers each month.

We are also working hard with other carriers, and liaising closely with the ACMA and the ACCC, to better identify the sources of scam calls that still get through and then take appropriate action to disrupt and prevent those sources from scamming in future.

However, we cannot fix this on our own. We need all telcos, big and small, to work together to help identify the source of scams to resolve this situation and make Australia safer for everyone.

We are calling on all telcos to help our industry stop scam calls reaching our customers and proposing ways we can work together to fight this issue. If we can get this fixed, we’ll be able to significantly reduce the more than $500m Australians are expected to lose to scam this year.

Education to assist our customers

Until we have reached a consensus and implemented a solution, our customers can take steps to protect themselves in the interim. Everyone should understand how scams work so that they can understand when to hang up and not to call back.

There are three main phone scams currently popular around the world.

Getting you to call them back: Here, the scammer will call your mobile phone, making it look like the call has come from another country. Often the phone rings once or twice and then hangs up. In this scenario, particularly prevalent at the moment, if you do call the number back you’ll be placed on hold or play a recording. What you don’t know is that you’re calling a premium number which costs you a lot of money – and the profits go directly to the scammers. 

Getting your details: These scams are simply about trying to get access to your personal details. Scammers might call and claim to be from a major company (like Telstra) or government department (like the ATO) seeking to provide you with information. Before they can do that, they’ll ask you to complete an identity verification process by providing your personal information. They’ll use this information to try and access your bank account or online services to steal your money.

Variations of this scam include calls saying your computer has a virus and asking you to provide access so they can remove it. The scammer will then download your personal data or implant a virus that will collect data they can use at a later date to access your money or identity.

Getting you to pay for services: These scams are about convincing you that you owe a company money and that you must pay immediately. Often, the scammer will claim to be from a major utility or telecommunication company – scammers know the chances are high that you’ll get a call relating to a company where you have some services. Callers often talk in an aggressive manner or with a sense of urgency, or they may threaten to cut off your services, so you panic and pay immediately.

We know that education is only part of the battle because it is often our most vulnerable customers who are preyed upon by scammers. That’s why, in addition to operating our misuse of service and cyber scam reporting services, we’re calling on all of Australia’s telecommunications industry and its partner organisations to work together to find an effective technology solution to scam calls.

The opportunity for all telcos here is to set the bar high for what we do with our customers to make sure we never miss a heartbeat and no customer ever gets left behind.

How to patch a human: our cyber security influence explained

Cyber Security Consumer

Posted on March 22, 2019

1 min read

Cyber security preparedness is built on three pillars: people, processes, and technology. While technology is a critical element of an effective cyber security program, alone it is not enough to protect against modern cyber threats.

It’s not only hackers, corporate spies, or disaffected staff who present a threat to organisations; in most cases, breaches are often unintended consequences to mistakes made by non-malicious, uninformed employees.

In the Office of the Australian Information Commissioner’s 1 July — 30 September 2018 and 1 October — 31 December 2018 reports, it listed human error as a major source (37 and 33 percent respectively) of reported breaches.

While the largest source of reported breaches (57 and 64 percent) was attributed to “malicious or criminal attack”, a significant proportion of these exploited vulnerabilities involving a human factor, such as tricking employees to click on a phishing email or to disclose their passwords.

These figures illustrate the fundamental role security awareness can play in an organisation’s cyber security defences, and how a strong security culture can act as a ‘force multiplier’.

The True Story of a killer identity thief

Cyber Security Consumer

Posted on November 28, 2018

5 min read

Mexico fell for Michael Finkel. The charismatic New York Times journalist, now raconteur, was on assignment covering Mayan mysticism in 2001. He held easy court with tourists and locals; Finkel’s pursuit of the dangerous and different had thrust him on the trail of black-market organ traders, reporting the tragedies of the Gaza Strip’s dying child soldiers, and travelling in the leaky hull of a Haitian boat that almost killed him and 40 refugees.

Janina Franke, an amateur photographer, fell hardest for Finkel. After a chance meeting they travelled south where she would score a massive career break snapping photos of Mayan ruins for Finkel’s piece in the Times.

Michael Finkel at the IAPP conference. Image: Darren Pauli, Telstra Exchange

Franke made it to the Mayan port city of Tulum, 130 kilometres south of Cancun, but she never got her break. She watched as Finkel, real name Christian Longo, was pulled out of a cabana by a swarm of armed police bearing a US federal arrest warrant.

Longo had co-opted the identity of the real Michael Finkel having fled Portland, Oregan, where he was wanted for the gruesome murder of his wife and three children.

“He (Longo) chatted with tourists in Mexico about stories he said he had written, quoted from them,” the real Finkel told us while in Melbourne for the IAPP privacy conference. “They all unquestionably believed he was Michael Finkel from the New York Times.”

According to those he charmed Longo was polite and intelligent, “totally cool”, with a good sense of humour. He scrawled notes, memorised articles, and gave budding writers a fake Times email address to make his possession of Finkel’s character total.

Finkel heard of Longo’s exploits from a local journalist and soon arranged to meet the murderer then, and now, incarcerated on death row in Oregon State Penitentiary (there is a moratorium on executions in that state).

He did not, as some identity theft victims do, feel assaulted by Longo’s co-opting of his identity. Longo did not steal Finkel’s passport, drain his bank account, or hack his social media. He just studied the journalist to a level of intimacy that he could become him. The co-opting of identity made the journalist curious.

Longo first wanted to prove Finkel was the real Finkel. In a twist of irony the journalist struggled to answer Longo’s 13-question identity quiz that drew on minutia contained in Finkel’s stories filed over years. “It was this existential conundrum,” Finkel says.

Identity crisis

Longo, now 43, always wanted to be a globe-trotting journalist writing stories on the weird and wonderful. In short, he always wanted to be Finkel. Instead he married at 19 years-old, had three children, and over years turned a failing business into a web of deceit that would ultimately drown his family in debt.

His hijacking of Finkel’s identity at a time when Finkel was out of a job quickly drew the writer to Oregon State Penitentiary’s visitor’s centre.

Finkel says he would not ordinarily be drawn to speak to a murderer. He pursues curiosity and complexity, not distasteful and often unidimensional killers.

But it was the duplicitous character of Longo – a Proteus who in one instance was a witty and highly intelligent (his IQ was measured at 130) man and at another a mendacious murderer – that appears to have kept Finkel glued to what became an intensely personal story spanning years.

“If Christian Longo was sitting right here, he’d be funny, he’d be witty,” Finkel says. “You would have no idea he did something so unimaginable.”

Finkel tells the story in the nonfiction book True Story, also a major film adaption by the same name. He tells how he scrutinised Longo’s initial claims of innocence, witnessed how the murderer disassociated with his fellow death row prisoners, of whom many were also murderers, telling Finkel in a letter that he was “surrounded by so much degeneracy and perversion”, and watched and even assisted Longo’s attempts at redemption.

His latter act of redemption was a push to allow prisoners to donate their organs during their incarceration and at their point of execution. Reforms did eventuate that allowed prisoners to donate.

Finkel, himself now a father, has cut ties with Longo, and is pursuing his next story: a master art thief who stole a billion euros worth of art.

“I’m genuinely interested in these people,” he says. “More than, say, CEOs and popstars.”

Beat scammers, score deals, this Black Friday

Cyber Security Consumer

Posted on November 23, 2018

3 min read

Black Friday, the US$5 billion mega sales event infamous for its crowd-crushing stampedes and squabbles, lands today. And scammers are ready.

The post-Thanksgiving sales day has remained the busiest on the American calendar since 2003 when it overtook the weekends leading to Christmas.

While a chiefly American affair, Black Friday and its sister Cyber Monday have seeped into the Australian retail sector with many major retail outlets lining up cut-rate deals.

The sales bonanza makes it as much a magnet for scammers as the consumers they target.

Fake discount offers and dodgy pop-up web stores are the threats consumers are most likely to encounter, experts say.

Veterans in the anti- phishing and scam sectors in Australia tell us scam stores spun up by criminals on Facebook are the biggest of these threats to shoppers.

These stores, which Facebook actively combats, are often created and advertised on the social network as a place to buy brand name goods like clothing and jewelry.

Operators close the stores after orders have been placed and paid, running off with the proceeds and leaving consumers empty-handed.

Threats arrive in inboxes too. Fake discount vouchers and false offers of cut-rate goods are the most common here around Black Friday, also appearing as SMS, spurious websites and online advertisements, and in various instant messaging apps.

Phishing emails and messages, however, are unlikely to increase over this fourth quarter, contrary to long-standing suggestions by many cyber security companies.

Analysis of quarterly reports dating to 2013 from the independent Anti Phishing Working Group reveal no consistent increases in the number of phishing domains, emails, or targeted brands over the November-December period.

Any increase over quarter three of a given year is offset or exceeded by falls in ensuing fourth quarter. There is no consistent bump in the number of phishing sites or emails seen by the Group or reported to it by organisations and members of the public.

Veteran security experts in the space also agree phishing does not increase in the lead up to the festive break.

While an informed mind can avoid many sales scams, much of the fraud set to occur in the coming weeks will stem from attacks which shoppers can do little to prevent.

Online stores compromised by hackers lead to some of the biggest losses of credit cards. Criminals silently break into these stores and siphon and store card details as they are processed through checkouts.

Many cards are then sold in batches on illegal marketplaces and forums.

These attacks are often due to stores’ outdated content systems and payment checkouts, or to a myriad of common security flaws the fixes of which have been known for decades.

Shoppers may able to claim reimbursement for fraudulent purchases if they use a credit card or service such as PayPal.

Tips for staying safe online

Cyber Security Consumer

Posted on November 19, 2018

2 min read

We are constantly looking for ways to help our customers spot scammers and fraudulent activity in an increasingly connected world, where the rapid uptake of new technologies and increased connectivity provides many advantages, but also new avenues for crime and fraud.

Scammers can use multiple ways to get information from us. Deception is one way, where they try to trick or influence people into divulging confidential or personal information that then may be used fraudulently. This is called ‘social engineering’ and the scammers can get this information through phishing emails and scam calls. This information could then be sold online or used to facilitate criminal activity like identity theft or to access your bank accounts.

Often personal information is also found on the internet through social media accounts and can be used without an individual’s awareness. We encourage everyone to do a review of the security settings on their social media accounts, check that personal data is not publicly available and implement ‘two factor authentication’ – this is where social media companies provide an extra layer of security that requires not only a password and username, but also in some cases, you will be sent an email or text message with a security code to input.

Call scams by any name you want, but at the end of the day, they are designed to steal and trick you into surrendering your personal details, take control of your computer or launch malicious software (malware) which could steal your sensitive information.

We have some blogs that you can read that provide some handy tips:

Other online assistance can be found at:

Tags: fraud, scams,