Invoice Fraud
Kathy_7271221
Member Posts: 10 ✭
Curious to know: last week I emailed a new customer an invoice. The invoice went to their junk email, but the invoice had been changed; someone had intercepted the email and added their bank details. They had also made a note on the email that the customer should change the banking details. This invoice was for $45000; our customer paid the $45000 to the newly noted bank details. My invoice was emailed straight out of Reckon Accounts Hosted. I have spoken to support for 2 hours with a nil reason as to how this has happened (except, maybe someone from my office changed the invoice template; I am the only person to use the account program!). The incident has now been forwarded to the police. I am still questioning why Reckon invoices are still going to customers' junk mail. How do I prevent this happening again? But I am also very wary of my existing customers.
1
Comments
-
Hi, this happened to me as well. My emails were hacked and the hacker got into my Reckon invoice and changed my bank details. My customers made a fraud dispute with their banks. It doesn't look like I will get my money. I reported it to the fraud police as well, but apparently it is up to the discretion of the bank to pay to the correct account for me to get my money.
0 -
OHH bad !!!!!!
Cosmic Invoice may be able to help in the following ways:
1. Assured acknowledgement from the receiver
2. Your email name is shown as the sender, not Reckon Hosted.
3. Stripe payment, which is a secure, PCI-compliant online payment method
I don't know if what we offer may be a better option.
If you need to know further please call me : CHANDRA 0407068942
Cosmic Accounting Group
Accountants and Tax Agents 22397009
0 -
Oh no, this is the only invoice that has been changed as far as we are aware. This could ruin a small business; we have a program specialist looking into the issue.
0 -
Kathy, sorry to hear about this. What a distressing time for your business.
Was your invoice sent direct from Reckon or from your email system?
Many thanks.
1 -
The invoice was sent direct from Reckon.
0 -
Hi Kathy,
This happened to a QBO (Intuit) file as well. I also know that a fellow colleague has told me they know of this happening in a MYOB file as well. The recipients of the emails need to be very careful of the sender address - it can be 1 letter different, but it will not be from the correct address. The only thing that can be done is to issue an email to all your customers saying that any change of bank acc needs to be verified by a phone call.
Scammers are forever coming up with new ways.
Gillian
2 -
NEED RESPONSE FROM RECKON
I am weary of how we send emails through Reckon as it is, as there is not a lot of tracking (hence I bcc every invoice / statement etc. to my email).
Users need to be assured their information is secure.
2 -
Hi Kathy,
I believe a senior technician has been trying to get in touch on a couple of occasions today but has missed you. Can you let me know an appropriate time for the team to give you a buzz and I'll pass this through.
ℹ️ Stay up to date with important news & announcements for your Reckon software! Click HERE for more info.
0 -
now!
0 -
Bcc doesn't let you know if there is an intercept with emails. It didn't let me know of the fraud intercept.
0 -
Great tip Gillian,
Pretty much everything can be hacked these days so I'm not sure how the software providers can GUARANTEE sensitive information is not at risk.
1 -
I was not meaning that BCC will stop fraud - it's just another way to ensure there is a track of everything I send from Reckon... The thing with fraud is that it is always the victim of the fraud that has to prove it before they get their money back.
0 -
Hi Toni,
The bcc of an invoice will not stop this process described...I have seen it in action from other software. The only thing is that ALL users notify their customers of bank details change protocol and to double check via ph. Also to please check sender email address before opening invoices.
It's a sad world out there sometimes!
Gillian
1 -
I explained my use of Bcc further up the page - I use it for tracking and am aware it does not stop the fraudulent events from happening. It would be good to get some reassurance from Reckon that our information is secure.
0 -
Whilst fraud is never good when involved I'll share my own experience.
In my day job (we don't use Reckon but that's irrelevant), if a supplier changes bank details via letter/email or changed details on an invoice, we send a form to formally change bank details. Then when the form comes back I, as Finance Manager, ring the supplier to verbally verify details. It was during one of these calls a supplier appreciated my call as he recently was victim to this similar scam.
What happened is that the fraudsters were intercepting the email from a removalist company so they knew that the removalist had quoted for a job, the job was done and an invoice was going to be sent. Before the legitimate invoice was created by the removalist the fraudsters sent an email with an identical invoice template attached from a very similar email address as the removalist and the guy paid up. It was only later in the day that he received the legitimate invoice that he rang them to discover the fraudulent invoice but it was too late.
So I think it is irrelevant which accounting system is used, or if the original went to spam, the fraudsters actually intercept and monitor the emails and copy invoice templates and pounce at the right (wrong!) time.
David
2 -
Hi Kathy,
I'll send you an email shortly in relation to the situation you've highlighted here as we'd like to investigate further.
If you can please take a look and get back to me directly.
Cheers
Rav
0 -
Hi Rav,
Interested to know if Reckon have found out any more info on this issue and perhaps how the mechanics work......
regards,
Gillian
2 -
Hi Gillian,
We're extremely confident in the integrity and security of the Hosted platform, however the situation that has been outlined here is quite distressing.
We've gathered some information around this specific case from the OP and at this point are currently awaiting approval for further analysis to confirm the output from Hosted.
On a potentially related note, an article I saw recently has some striking similarities which refers to hackers impersonating various businesses through observing their emails -
https://www.smh.com.au/business/small-business/devastating-blow-homewares-business-hit-by-apparent-e...
It's really important to secure all components involved in this process and that includes email accounts, Hosted logins and any other services. If you have an old, short or non-complex password for any services, it's best to review this on a regular basis and update them.
Reckon Accounts Hosted will also introduce multi-factor authentication soon which will provide an additional layer of security.
0 -
Hi Rav,
Thank you....
Yes I hear and agree with you about security for ourselves....but the only invoice interceptions that I know about have come about from invoices being sent from hosted or online software....so the invoices are really coming from Reckon, MYOB or Intuit.... So just wondering if Reckon had been able to find out any way that it happens. I have not heard of any invoices being sent from desktop software.....however as your smh info link shows, that would mean the sender emails have been hacked.
I know this is so so hard to track, monitor or fix.......but any awareness could help. I would love Reckon to keep us up to date on anything they find.
I am about to send an email notifying my personal customers in my data file about the scam, and that ANY bank detail changes need to be verified verbally, which I will encourage them to send to all their customers and then send on down the chain as well. Like Davo above, we all need to now put in additional processes to protect our businesses. And update those processes each time a new scam is discovered.
On that note - wonder if there is customer/community benefit in informing Reckon users of the scam. I understand Reckon would not want to cause any concern for online product use....but there are many out there who would not have even heard of this scam and probably be grateful of being on the front foot.
Gillian
0 -
You are correct Gillian. The fraud that happened to me was my emailed invoice from Reckon was hacked and they changed my bank details. My question is if I send out emails to my customers requesting a phone call if bank details are changed, then the hackers will either change that information or delete it completely. We are still not safe.
I have had a total overhaul of my security (at a considerable cost of course) and I am a very small business, no employees at all. I am unable to retrieve my money lost because of the hackers and I can't ask the customer to pay again. I would like to see a specific Company/Department/Body in place for businesses that have been affected like so, especially when we have print off proof of the changes and emails. As I have experienced, it is only dealt with by the fraud department of the banks and it is at their discretion as to whether they will pay or not.
2 -
Update - I have received emails from 3 suppliers stating that they too have had this issue with their online invoicing (these are large companies) - unsure what programs they are using. There seems to be a spam that persons are intercepting invoices - one company would supply a quote and time frame of when their services would be carried out, their invoices were then intercepted and new banking details added.
The customer I sent the invoice - that had been changed - has since told me they have been hacked. We are still waiting on the police - online fraud squad, but it seems to be a spam that can affect any business. I would like to know still, how we can be protected from this. I have sent an email to all my customers stating that any bank detail changes we would notify them by phone; I am also thinking of adding this to my invoice and statement template. But like Catherine said this could be changed also. Most banks refuse to return the funds as they are clear of anything from their perspective. My customer is looking into an insurance policy to protect them - but once again this is an added expense. Another question I have is my invoice was for $44000 - if this money had been removed from the receiving bank account before Westpac intercepted, who would have been responsible - the customer or me?
0 -
Hi Kathy, I am a Reckon Hosted user and have just read the conversation and sorry to hear of the problems that you experienced.
One thing that is not clear to me, (I might have missed it but not sure) but was it only the email to the new client that was "doctored" with the fraudulent bank details, or was the actual pdf invoice itself "doctored", or both?
Regards,
1 -
Hi Catherine,
As it was the Reckon email that was intercepted, it is unlikely that your email account has been compromised from my understanding. However....if it makes you feel more secure, then perhaps a 'snail mail' (posted letter) letter to customers.
Gillian
0 -
Hi Mark,
I know this was directed to Kathy, but my experience of the Intuit interception and knowledge of the MYOB interception is that the pdf email attachment is 'doctored' as well as the email. In my case it went something like.... email said: please ignore the previous invoice emailed as we have now changed our bank details. Please see amended invoice attached with correct details......then when you open pdf it is your invoice perfectly with diff bank details where you normally put yours.
It all looks very legit........only thing just carefully peruse who the email comes from - it is not correct but could only be 1 character wrong...eg my clients email address had 2 t in ltd so it looked like lttd.com.au - and with the rest of email address correct it is hard to detect in our busy lives!
Gillian
0 -
Hi Gillian,
In my case, everything was exactly like my emails with no differences. I have the print offs from the customers. The content asked the customers to bank into a different account as the original account was undergoing an audit. That should have been enough for the customers to ring me but because it all looked legitimate they just paid the account. They didn't know anything was wrong until I rang them for payment.
1 -
It was both.
0 -
Gosh I will never get paid.......
0 -
yes both
0 -
And that is the problem, everything looks legit.. although my ABN had been pushed down onto a second page, but the client was new so probably would not have known any difference. The email had also stated please update our new banking details.
1 -
Ok, thanks ladies for the additional information. It appears a brand new pdf was created by the fraudster.
I am glad I am aware of the issue as I can be alert to the risk in the future.
It would be interesting to hear the results of the investigations in due course if possible, as to how the interception occurred. By investigations I mean police as well as Reckon as transparency is critical in circumstances such as this.
0