INDUSTRY STATEMENT: RESPONSE TO ACCC SCAM WARNING FOR AUSTRALIAN CARAVAN DEALERS AND MANUFACTURERS

, , , ,
RESPONSE TO ACCC SCAM WARNING FOR AUSTRALIAN CARAVAN DEALERS AND MANUFACTURERS
In light of the recent scam alert issued by the Australian Competition & Consumer Commission (ACCC), this communication aims to brief the Australian caravan industry, encompassing dealers and manufacturers, on the critical aspects of the warning and provide guidance on protective measures. The ACCC’s alert, a part of its endeavours through the National Anti-Scam Centre established in July 2023, underscores the urgency and significance of this issue. 

The scam identified by the ACCC primarily involves the compromise of legitimate business email accounts through phishing attacks. Once access is gained, scammers can intercept, read, and send emails from these accounts. This breach often remains undetected for several weeks, posing a substantial risk to businesses and customers alike. The methodology of these scams is sophisticated and specifically targets the vulnerabilities in current business communication practices. 

How the scam works 

The scam typically involves the following: 

The legitimate business’s email account is compromised, usually through an email phishing attack.

The scammer can read emails sent and received by the business and can send emails from the account.

The business may remain unaware that their email account is compromised for multiple weeks. 

The scammer emails customers from the compromised email account requesting payment of their deposit (or payment of a further amount if the deposit has already been paid), providing their own bank details rather than that of the trader or dealership. 

Alternatively, scammers may email customers from a different email address that looks similar to the actual email address used by the company. 

The customer receives the invoice from the scammer and transfers the deposit, thinking they are paying into the business’s account. 

When the business notices they have not received a deposit, they email an invoice to the customer. 
 
The scammer sees this email sent by the business, and may send another invoice to the customer, requesting even more money. The invoices sent by the scammer appear identical to the genuine invoices, except for different bank account details. 

Because the scammer has access to the business email account, they know the names of staff and customers. The scam emails appear to be personally addressed to the customer and signed off by the dealership’s staff. 

Warning signs 

You don’t receive emails that people say they have sent you. 

Emails are classified as “read” without you having read them, or emails disappear from your Inbox. 

There are strange emails in your sent folder.  You cannot access your email because the password is incorrect. 

You receive unexpected password reset notifications.  

Your email app reports sign-ins from unusual IP addresses, locations, devices, or browsers 

For the caravan industry, this scam poses a direct threat to the integrity of business communications and transactions.

The potential for financial loss and reputational damage is significant, given the high-value nature of caravan sales and the industry’s reliance on email communication for transactions and customer interactions. 

Recommendations 

Check and secure your email systems as per the Australian Cyber Security Centre’s advice. 
 
Enhanced Email Security: Strengthen email security protocols. Implement advanced phishing filters and regularly update security software to protect against such attacks. 

Employee Awareness and Training: Conduct regular training sessions for employees to identify and respond to phishing attempts and suspicious email activities. 

Verification Processes: Establish a protocol for verifying significant transactions or changes in payment details through secondary communication channels. 

Customer Awareness: Inform customers about these scams. Encourage them to verify any unusual requests, particularly those related to payment changes, directly with the dealership or manufacturer. 

Regular Monitoring: Regularly monitor email accounts for unusual activity. Immediate action should be taken if there is any suspicion of a breach. 

Collaboration and Reporting: Foster collaboration within the industry to share information on scam trends.

Report any incidents to the ACCC and relevant authorities to aid in their efforts against these scams. 

The ACCC’s warning is a timely reminder of the continuous evolution of scam tactics. As an industry, staying vigilant, informed, and proactive in implementing protective measures is paramount. By working collectively and adhering to the recommended practices, the Australian caravan industry can significantly mitigate the risks posed by these sophisticated scams. 

If you become aware of scam attempts, please report them to us to help protect others. 

You can contact the National Anti-Scam Centre at NASC@accc.gov.au