Stacey’s $6m save

Share

Share

For Stacey, a Relationship Associate in NAB Private, customers requesting to make large transfers is pretty normal.

But recently, when Stacey was asked by Brody*, a NAB Private customer to transfer $6m as part of a capital raising round to an international account, her instinct kicked in and she started searching for more info.

“When Brody asked to make this transfer, everything seemed pretty normal,” said Stacey. “It was pretty consistent with other transfers he’s made in the past and was to a regular recipient.”

Just to be sure, Stacey called Brody to confirm that the details were correct. He assured her that they were.

“He asked me to pick this up with his accountant as he was about to catch a flight,” said Stacey, “so I spoke to his accountant to double check he wanted this to go into a Singaporean account.”

“I asked the accountant to call the supplier, the end recipient of the funds, to make sure this was what they wanted as there would be international fees.”

 

The red flags

As Stacey was waiting for confirmation from the accountant, she read through some of the previous emails between the customer and the recipient and noticed a few changes throughout the email chain.

“I first noticed the word ‘group’ misspelt as ‘gruop’ and the tone in some of the greetings was slightly different,” she said. “I could also see the account had changed to an overseas account and the date of the payment had been brought forward, so there were a few red flags jumping out at me.”

I called the accountant right away to make sure they didn’t process any payments to this account.

It turned out Stacey was right, and she had just saved the customer and the supplier from a $6m transfer to a criminal.

“The supplier’s emails had been hacked by a criminal who then impersonated employees from the organisation,” said Chris Sheehan, Executive, Group Investigations and Fraud. “They changed the banking details on invoices in the hope of receiving the funds.”

Woman with short brown hair smiling, wearing glasses
Stacey, NAB Private Relationship Associate

 

Business email compromise

This type of activity is known as business email compromise, and unfortunately, it’s on the rise.

Business email compromise is when an organisation’s email account is taken over by criminals to conduct fraudulent activities such as sending fake invoices, requesting updates to bank account details, or intercepting and altering inbound payment details.

“Criminals gain access to email accounts by sending a phishing email which appears to come from a trusted organisation or contact,” said Chris. “This email might request the recipient’s email account username and password, or ask them to click on a link which downloads malicious software onto their device.”

“Often the email has been sent from a trusted contact who has had their own email account compromised.”

According to the Australian Federal Police, financial losses by Australians impacted by business email compromise totalled more than $79 million in the 2020/21 financial year.

“Once money is sent in a business email compromise event, it often can’t be recovered, despite NAB’s best efforts.” said Chris. “This means the business or person who sent the transfer can be left significantly out of pocket.”

Man in suit, wearing a lanyard, standing in front of glass screen looking at the camera
Chris Sheehan, Executive, Group Investigations and Fraud

 

First line of defence

While there’s sophisticated fraud detection software used in NAB systems, customers and colleagues need to remain vigilant and on the lookout.

“Human interaction in this case saved the customer a considerable amount of money”, said Chris. “People like Stacey are the first line of defence against fraud and scams.”

“If you see something that doesn’t look right, investigate it further before you action the request. Customers should verbally confirm all requests to new accounts using publicly available phone numbers to do this.”

“Another way customers can have confirmation about who their transfer is going to is by using PayID, as this shows the legal name of the person or business you’re sending the money to,” said Chris.

 

Tips for customers to stay protected against business email compromise scams

  • Make sure you verbally confirm all requests to make payments to a new account. Use a phone number that is publicly available.
  • Use PayID or BPay as a fast, and secure way to send and receive money. It also shows you the legal name of the person or business you’re sending money to, so you can confirm it’s the intended recipient
  • Check your email account settings for any auto-forward rules that you didn’t set up yourself, as this can be a sign that emails are being forwarded to another account. Also check the ‘Sent’ and ‘Deleted’ folders periodically for emails you did not send.
  • Keep your anti-virus software up-to-date. NAB customers they have access to 6 months free antivirus software.
  • Use strong passwords and multi-factor authentication.

For more information, head to Protect your business from email scams.

*Note: Customer’s name changed to Brody to protect their identity. 

Customers, banking & finance

SEE ALL TOPICS

Media Enquiries

For all media enquiries, please contact the NAB Media Line on 03 7035 5015

Related Articles

  • Scams

NAB joins BioCatch Trust Australia to protect customers from scams and fraud

NAB has joined BioCatch Trust Australia as part of ongoing efforts to tackle the scam epidemic targeting Australians.

  • 20.11.2024
  • Time to read 2 min read
  • Innovation

NAB Digital Next: How customers can benefit from digital ID

In the latest episode of NAB Digital Next, host Brad Carr speaks with Andrew Black, Managing Director of ConnectID, an initiative of Australian Payments Plus. ConnectID is an Australian owned digital trust network, that allows individuals to use existing partners – such as banks – to verify themselves (for example, when being served at a bar or applying for a rental).

  • 14.11.2024
  • Time to read 1 min read
  • Business

Fresh flavours and customer focus: il Mercato Centrale, backed by NAB

NAB customer, il Mercato Centrale is using customer feedback to deliver fresh flavours and an immersive Italian experience, underpinned by a focus on growth and expansion.

  • 07.11.2024
  • Time to read 1 min read

Quick links

Business Research and Insights

For more business news and analysis, visit NAB’s Business Research and Insights .

NAB Security Podcast

For more insights about cyber security and fraud, and practical tips on how to stay safe, listen in to NAB’s Security Podcast series.

NAB tech blog

For more insights about technology and the digital developments enabling change for customers, visit the NAB tech blog on Medium.