Resorting to this

There was no coincidence in the timing (again) of a number of social media posts I woke up to today, the so-called “Freedom Day”. The hot weather here in the UK has seen hundreds of thousands of Brits head to the beach as the “staycation” has taken over from the “vacation”. Many prospective holidaymakers will not risk booking an overseas trip just yet whilst the destinations list remains so fluid in terms of restrictions going out and coming back in. So most of us will stay right here in the beautiful British Isles.

With restrictions being eased, bookings at some of the most popular locations have understandably gone through the roof. One of the most popular family destinations is Center Parcs, who have a number of parks across the UK, with plenty of outdoor activities for all as well as restaurants and their spa facilities. Such is the demand for accommodation in their parks that it is often hard to find any free spaces. But fear not, because they are offering a free break for four people, plus spending money and all travel paid. And it couldn’t be easier to enter the competition – just share the competition page on Facebook, comment and like it. Who wouldn’t enter that with it being so easy?

Except we all know that because it is too easy there should be a red flag being frantically waved in our heads. Let’s take a look at what can be found on Facebook.

Picture 1 is a genuine Center Parcs UK post – a news story about a location for a new site being found in West Sussex. There isn’t a call to action, the spelling and grammar are spot on, the logo is correct, the name of the company is also correct and they have been verified with the blue tick.

Picture 2 is the first attempt at trying to pretend to be Center Parcs. As you can see they have made a terrible attempt at spelling the company name plus there is some poor grammar in the text. Picture 3 is better, at least the name is correct but the logo isn’t. The pictures are taken direct from the Center Parcs website.

Irrespective of whether they are genuine-looking, why would Center Parcs have any reason or motivation to give away such a prize? They are turning people away, such is the demand for staycations. Why would they need you to “Like”, “Share” and “Comment” on the post?

Because this is all about collecting as much personal data from social media users as possible which can be used or sold on at a later date. When I first saw the “competition” on Facebook, over 33,000 had shared it, even more had liked it. Who is to say that a significant percentage may be contacted because they have “won” the holiday? What is the next step? An admin fee payable, which requires bank details to be shared?

I know the last 18 months have been tough on us all, and the thought of a holiday is incredibly tempting which is why we all need to be extra vigilant and really think before we are tempted to act. If you see similar offers, take a step back and ask “what’s in it for them”? Big brands rarely give away anything so cheaply, yet thousands of social media users will.

Topical hacking

Let’s roll back a week when everything was rosy in the English garden – well, at least in terms of football. The nation was on a high as a victory over Denmark in the European Championships Semi-Final would see the country take on Italy for the right to be proclaimed Champion of Europe. Talk was of trying to find tickets and replica shirts, both as rare as an England appearance in the final itself.

With little chance of finding a current replica shirt, unless you were a politician where it seemed you only had to stand in front of a camera to get a “box fresh” one, complete with creases, fans looked at the next best thing and went retro. Like any sporting side, there have been a fair few terrible kit designs over the years mixed in with a few design classics. Thankfully, most of the latter (and some of the former), have been produced again and sold through websites over the last few years. In fact, the retro sporting shirt market is probably as strong today as it ever has been, with many fans shunning the incredibly expensive new shirts and preferring the bygone day look.

One company that has been providing these retro shirts for many years is Classic Football Shirts. They offer a fantastic range of replica shirts (over 30,000 different shirts), at decent prices, and are an example of a small business that has found its niche and become quite big (remember my adage of “Get Big, Get Niche or Get Out”? Here’s an example of how being niche can lead to growing big). With the whole nation becoming gripped with football fever, what better time to buy a retro shirt?

Sensing the demand out there, as if by magic emails started appearing in inboxes from the company offering a 15% cash back on previous orders to customers – what a fantastic gesture. Except it wasn’t from Classic Football Shirts. The emails looked like they were but there were some tell-tale signs that it wasn’t from them. The emails were phishing attempts, looking to cash in on the football euphoria and a short supply of the replica England shirts.

The email address it came from had an extra “s” in it – classicsfootballshirts.co.uk – a domain name registered on the 25th June which at first glance doesn’t raise any red flags. The email itself contained poor grammar that should have been a warning sign of a scam, but for many customers, not based in the UK or perhaps not fluent in English, it was an offer too good to miss. All they needed to do was click on a link in the email and complete the form to get their 15% cash back.
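The extra “s” is exactly the kind of one-character difference that a person skimming an inbox misses but a mail gateway or a support-team triage script can catch mechanically. The following Python is an added example (not code from this blog or from Classic Football Shirts) that compares a sender’s domain against a list of domains the brand is known to use; the trusted-domain list and the sample addresses are constructed for the illustration.

```python
"""Flag sender domains that look like, but are not, a trusted brand domain.

Added illustration only; the trusted-domain list and the sample sender
addresses below are constructed, not taken from the real company.
"""

# Assumption: this is the brand's genuine sending domain.
TRUSTED_DOMAINS = ["classicfootballshirts.co.uk"]


def levenshtein(a: str, b: str) -> int:
    """Edit distance: minimum single-character inserts, deletes or substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # delete ca
                           cur[j - 1] + 1,         # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def sender_domain(address: str) -> str:
    """Return the domain part of an e-mail address, normalised to lower case."""
    local, sep, domain = address.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an e-mail address: {address!r}")
    return domain.strip().lower().rstrip(".")


def classify_sender(address: str, trusted=TRUSTED_DOMAINS, max_distance: int = 2) -> str:
    """Return 'trusted', 'lookalike' or 'unrelated' for the sender's domain.

    'lookalike' covers a domain within a small edit distance of a trusted one
    (classicsfootballshirts.co.uk is one insertion away from the real domain)
    and a domain that embeds the brand name in a zone the brand does not own.
    """
    domain = sender_domain(address)
    for good in trusted:
        if domain == good or domain.endswith("." + good):
            return "trusted"          # the genuine domain or one of its subdomains
        if levenshtein(domain, good) <= max_distance:
            return "lookalike"        # typosquat: extra, missing or swapped characters
        brand_label = good.split(".")[0]
        if brand_label in domain:
            return "lookalike"        # brand name reused under a different zone
    return "unrelated"


def triage(addresses):
    """Classify a batch of sender addresses; returns {address: verdict}."""
    return {addr: classify_sender(addr) for addr in addresses}


if __name__ == "__main__":
    # Constructed sample senders for a quick run.
    for addr, verdict in triage([
        "orders@classicfootballshirts.co.uk",
        "offers@classicsfootballshirts.co.uk",
        "promo@classicfootballshirts-cashback.com",
        "someone@example.org",
    ]).items():
        print(f"{verdict:10} {addr}")
```

A verdict of “lookalike” is a reason to quarantine the message or route it to a human, not proof of fraud on its own; a small edit distance also matches harmless typos in a legitimate partner’s domain, so the check belongs alongside SPF/DKIM results rather than replacing them.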

The firm reacted quickly when it became aware of the issue (within 30 minutes of emails being received by customers), promising an immediate investigation. They took the correct course of action in contacting the authorities and informing customers of the situation. What is clear is this was a very deliberate and targeted attack, with the fraudsters taking advantage of the footballing euphoria in the country. The domain name still appears to be registered although any website attached to it has been removed.

Whilst there are still ongoing investigations on the source of the attack and what data was used by the scammers, it is a timely reminder to all of us about taking a moment to check any similar offers that appear to be too good to be true. In this case, asking yourself why the company would simply be giving free money away, rather than discounting future orders for instance? It doesn’t matter how small or big an organisation is – one of their core objectives is to make money and giving it away is contrary to that strategy.

A week on and we are all footballed out. The bunting has come down, the wallcharts put away and those little flags you attach to the windows in your car lay discarded on roads up and down the country. Security incidents like this remind us that no firms are safe from the eyes of the fraudsters and that we, as consumers, need to be cautious about any too good to be true offers we receive. In doing so we all become part of the solution rather than the growing problem of online fraud.

It’s coming home…but is it real?

After 18 months of restrictions, regulations and downright misery for many in England, the performance of the England National Football Team in the European Championships has been a source of escapism for many and downright joy and national pride for the rest. In case you didn’t already know, it’s coming home* this week. Should England overcome Denmark at Wembley on Wednesday night they will face a final in London on Sunday night against either Italy, the favourites, or previous winners Spain. It’s a tough ask, but the team under the management of Gareth Southgate has given the nation hope at a time when it was seriously lacking. Good times indeed. But good times also bring bad people out in force, looking to exploit the situation and profit from the opportunity.

The interest and support for the England team has led to unprecedented demand both for tickets for games to see them play at Wembley and for replica shirts. Prior to the tournament, an official Nike England shirt (adult size) would cost a minimum of £70, and there was stock with most of the online retailers. Three weeks later and it is almost impossible to find one in the same stores.

That is excellent news for Nike, the manufacturer, the retailers and also the Football Association, who will also get a cut from each sale. But it is also excellent news for the scammers and counterfeiters who will play on that increased demand and limited supply to fill the vacuum. There have been adverts on social media in recent weeks, carefully designed to say they aren’t selling the actual Nike replica shirts, but using language and imagery that suggests they are. Many of these stores will be genuine, but the products not what people are expecting. But there will also be online retailers who are offering what appears to be the genuine items but nothing will ever arrive – the buyers have been scammed out of personal and financial information. That is hardly a feel-good moment. Unfortunately, it doesn’t take much searching to find websites selling the shirts at what appears to be too good to be true pricing (search “cheap England replica shirt” and see for yourself), whilst a search on some of the more popular marketplace websites reveals very cheap products, pictured from the back, which means the images avoid detection by brand recognition software and also allows the sellers to ship low quality goods.

The cheap and often infringing merchandise situation is nothing new. In the US, Operation Team Player is the annual crackdown on merchandise around the Super Bowl. In the days leading up to the last Super Bowl in Tampa in February 2021, over 169,000 counterfeit items, with a street value of $44 million were seized. The war on counterfeits continues, fuelled by rampant demand for products such as the replica shirts.

It isn’t only fake merchandise which will cause issues in the next week for football fans. Whilst the number of fans allowed into Wembley has increased as social distancing regulations have been relaxed, the 90,000 capacity stadium will not be full, which means tickets will be at an extra premium. The face value price for tickets for the Final on Sunday range from £250 to approximately £815. Ticket resale websites are selling them from £1,800 per ticket up to £15,000.

If England do beat Denmark then demand for a place at Wembley for the team’s biggest game in over 50 years will be huge. The good news is that Covid-19 has meant that paper tickets have been replaced by e-tickets, which can be transferred securely via the UEFA App, so the sight of ticket touts/scalpers, on the way to the stadium with fistfuls of tickets is thankfully a thing of the past. However, like genuine buyers, they too have gone digital and will claim to be able to transfer tickets immediately to a willing buyer.

With entry on digital devices by QR Codes, the danger is that rather than tickets being sold, they are screenshots of a genuine ticket, sold multiple times, which can only be verified as genuine on arrival at the stadium and presentation of the QR code. If it has already been used, then access will be denied, meaning someone could have paid a huge sum for what appears to be a genuine ticket, only to find out at the last minute it is counterfeit.

Unfortunately, there is very little that can be done to stop this happening – should England lose to the Danes then that is one way whereby demand will fall very quickly, but even then tickets will be changing hands above face value for the final.

The message hasn’t changed – if something looks too good to be true it probably is, whether that is an England shirt for a big discount or tickets to the sold out final. Whilst we all want to play our part in supporting our nation in what could be our biggest and most successful week of football since 1966, we also need to be pragmatic enough not to be part of the problem fuelling intellectual property infringements and making the lives of the fraudsters easier and richer.

Enjoy the games and Come On England!

And yes, I do believe It’s Coming Home*

*It’s coming home is the opening line to a song, first released back in 1996 by Frank Skinner, David Baddiel and The Lightning Seeds for the 1996 European Championships held in England, and re-released two years later for the 1998 World Cup. Unfortunately, England didn’t manage to bring the trophy home on either occasion, nor at any subsequent tournament they have taken part in.

The reality behind the smishers

We are all familiar with the scam text messages that have become so common over the last year. The fraudsters have adapted their business models, realised that quantity rather than quality is the way forward and have bombarded us with requests for payment for undelivered parcels, fines for social media transgressions, payment requests to jump the Covid testing and vaccination queues and all such variants. Many of the texts have been poorly written with spelling and grammatical errors, whilst some just use URLs that are clearly not right. Those scammers are reliant on the less clued up recipients not checking or realising what they are doing.

The motivation for the fraudsters is always financial gain. Even if by following a URL there is no request for payment or money, the chances are that somewhere, someone will profit from your action. That may be simply confirming that the mobile number is genuine and can be sold on to another fraudster, or that there has been a download of malware onto the recipient’s device, which in turn could be used to gain resellable or reusable personal and financial information. In worst case scenarios, personal medical information could be shared, which is incredibly valuable to fraudsters.

The warnings about these scams are being broadcast but they are often lost in the noise of every day life. If you are suspicious of any text message you receive, you can report it to your mobile network operator by forwarding the text (in the UK) to 7726. Your network operator will then investigate.

But it is rare that we hear of major successes in tackling this simple form of fraud. Last week, though, police in Manchester raided a hotel room and arrested a man, as well as removing equipment that had been used to send over 26,000 text messages in a single day claiming to be from courier and logistics firm Hermes, asking for payment to re-arrange a delivery. Such text scams have been on the rise in recent months, with the fraudsters trying the tactic of asking for a small payment (usually under £2) and hoping that it will not raise any concerns. However, the small payment is only the start of a bigger scam, as the fraudsters then have personal and financial information they can exploit even further.

Example of a Hermes text message received last week

Not only did the arrested individual have the equipment capable of creating the fraudulent text messages, but he also had over 44,000 mobile phone numbers stored, ready for more smishing attacks. Whilst this was a major success for the police, it is only the tip of the iceberg. There are likely to be hundreds of similar individuals up and down the country running similar operations at the moment, creating havoc on a daily basis.

The diligence of the police and authorities is key in the war against fraud, but we all need to be ready and willing to take to the battlefield in the fight. That means questioning every suspicious text we receive, reporting them if necessary but most importantly, not giving the fraudsters any fuel to continue their operations by not engaging in any ways with them.

I’m fairy sure these are fakes….

How scammers use pictures of the real deal to trick online shoppers into parting with their cash

We are not in the business of selling cars, we sell dreams

A picture says a thousand words, so the saying goes, but what if the picture in question is fake, or the picture is real but the product, service or solution doesn’t exist?

One of the major selling points for any online merchant today is to have good imagery. In most instances we want to look at what we are buying, or who we are engaging with, from different angles, as well as reading genuine reviews. You don’t have to go far searching online for tales of woe of where reality is a very different world to what was advertised online, whether that is hotels, cars, clothes or even dates.

But there is a growing trend of fraudsters using images and product descriptions of genuine small businesses, riding off the back of their hard work in building their business then undercutting them and defrauding customers. Not only does this damage the revenues of the genuine businesses but it can also impact negatively on their reputations.

One small business that has seen this happen too often is FantasyWire, so much so that they now have clear warnings on their website that they do not advertise on Social Media and any similar products being advertised and sold are fakes. The artist behind the creations, Robin Wight, has taken years to grow his business only to see fraudsters look to profit from his intellectual property. The most common ruse is to use Facebook Ads with a picture of a genuine work of Robin’s, then direct potential buyers off onto a website to take payment, although the products can also be found on Amazon too (search “fairy wire sculptures”).

The commissioned art that FantasyWire sell starts from around £15,000, whilst the scammers offer their “products” for less than £50 – that in itself should be a major warning sign for any potential customer. If someone does buy one then at best they will get a sub-standard product that is nothing like the photos being used, or at worst they will receive nothing and their personal and financial details will be used in further exploits.

Whilst the artist can report the fake ads to the Social Media networks and the marketplace sites, he has to do each one individually. “They’re asking me to report every leaf off a tree and I’m trying to report a forest”, Wight told the BBC about the issue he faced, not only with the fake ads but the overwhelming number of them.

For small businesses, a formal brand protection strategy may be too costly, although where there is clear evidence of damage to revenues and reputation the return on investment is worthwhile. However, one less formal way small businesses can get an idea who is using their IP, such as pictures of products in ads, is to use Google Image Search, where you can upload a picture and Google will search for where it is being used online. It isn’t foolproof but it is free and easy to use, with results appearing immediately and will give businesses an idea on the extent of the issue they face. Social Media networks and market place platforms need to do more to protect brand holders, especially in how they can report clear infringements. It is all too easy for fraudsters to set up their online presence, create fake ads and start defrauding people.

Naturally, we are all after a bargain, but some things are simply too good to be true and it pays to do a bit of research before parting with your cash. Not everything is what it seems online and whilst many of us lose our natural skepticism when we are using Social Media, it pays to be cautious – not only are you protecting yourself, but the owner of the real intellectual property and potentially other online shoppers too.

More details of the story can be found on this article by the BBC.

Copy that. No return on investment from cloned firms

Investment scams have been with us for hundreds of years. The South Sea Bubble investment scam dates back to 1720 and cost hundreds of investors their life savings. Ponzi schemes were the flavour of the times at the turn of the millennium to entice innocent investors to part with their money, whilst the current trend of cryptocurrency based fraud is a major concern for authorities.

The 2000 film ‘Boiler Room’ focused on a chop-stock brokerage firm that runs a “pump and dump”, using brokers to create artificial demand in the stock of delisted or fake companies. When the firm is done pumping the stock, the firm’s founders sell and trade for legitimate stocks for record profits. However, the investors then have no one to sell their shares to in the market when the price of the stock plummets, causing them to lose their investment.

Whilst the film focused on the fictitious investment firm “J.T Marlin” and their illegal practices, it isn’t a pure work of fiction. Rogue investment companies exist today, to such an extent that the Financial Conduct Authority (FCA) have issued a report on clone investment scams.

In 2020 scammers sold more than £78 million in fake investment products in the UK alone, with the average loss to victims over £45,000. Some may think a 20 year old film was a work of fiction but it seems that clone investment firm scams are closer to the truth than we all believe.

The modus operandi used by many of these fraudulent firms is in the first instance to replicate/copy/rip-off legitimate firms, licensed in the case of the UK by the FCA. Websites can be quickly copied, replacing the name of the firm and the logo within a few minutes. Domain names can be easily registered, now using relevant gTLDs such as .Fund or .Investments, investment material and fake prospectuses can be generated quickly. It doesn’t take too long, too much investment and too many innocent victims for a fraudulent financial services firm to be making a profit.

The concept of the “Boiler room”, a high pressured, cold calling sales environment is often the starting point for the fraudsters, using cheap labour to plough through lists that have been bought, often segmented through social media interactions and profiles so that the calls are never truly random. But the nature of that conversation will be very much focused on the hard sell of these “once in a lifetime” investments.

They’ll try to convince you that they work for a genuine company and use high-pressure selling tactics to get you to buy ‘investments’. These ‘investments’ are worthless and often aren’t even offered by the company they’re pretending to be. Some may make multiple calls to build that element of a relationship and thus credibility. However, the investment and the subsequent promised high returns don’t exist.

Whilst most of us will say we wouldn’t fall for such a scam, we do. As the figures from the FCA prove, this is a highly lucrative business for the fraudsters, one that has delivered at least £78 million in the last twelve months to them, and that is only the cases that have been reported to them.

The common sense approach is if something sounds too good to be true, especially financial investments, it probably is. Regulated investment firms in the UK operate to a Code of Conduct and will not simply call anyone up randomly and ask them to invest over the phone. Virtually all regulated financial services companies will contact you via secure message. They certainly won’t ask for deposits to be sent via Paypal, Western Union or normally bank transfer.

If you are in any doubt, check their details on the FCA website (www.fca.org.uk). If they do appear on their register but you are still unsure, look up their details and call them or email using those to check if the approach was genuine. Incoming phone numbers are easily spoofed by fraudsters to make it appear they’re calling from the expected location or company, as too are emails.

A few minutes of research could save you being the victim of a scam that could cost you thousands.

Interview techniques

Having spent the last few months looking at opportunities in the market place, I am getting familiar with the tactics used by organisations to “streamline” the process. The last time I was looking for work was sixteen years ago when LinkedIn had just started to be a thing and the reliance was on searching print media for job openings as well as some of the bigger online recruiters. Most insisted on a face to face interview to discuss your cv, your job ambitions and what potential openings they had.

Today, it has all changed. It is now very easy for a company to post a position online, create an automated process and quickly create short-lists based on algorithms, AI and automation. The consequence is that far more applicants are applying for each job listed, because the odds of making a short-list have been significantly reduced as the filtering based on a CV or a LinkedIn profile can be done by computers in seconds. Consequently, with the human element in the initial job search removed in many instances, more applicants apply, creating a catch-22 situation.

In the excitement to find an interesting role that ticks as many boxes as it can, we are often prepared to give away more personal information than is often needed. But we do so because the prize is so worthwhile. Except, what if there isn’t a job? What if the ad posted online is simply an elaborate phishing scheme to get candidates to share personal data that could be used for their financial gain?

Employment/Recruitment scams are nothing new. They have been with us for many years and have cost some victims thousands of pounds. There have been cases of individuals selling up and moving their families to a new country because they have a new role only to find on day one that there was never a job and the fees they paid to sort out visas or short-term accommodation have been pocketed by fraudsters. But the acceptance of our digital lives today has led us to be less cautious when it comes to giving out personal details.

It would take a fraudster a matter of minutes to create a fake company profile on Social Media, adding in a few exotic office locations, a fictitious management team and of course, some interesting open vacancies as the company looks to expand into new markets. Applicants for the roles need to submit CVs, a cover letter and complete a suitability questionnaire, all designed to glean information that could be resold on, or used by the fraudsters themselves to lure the candidate deeper into their web of lies.

Sounds far fetched? Well, have a read of this article, written by security expert Brian Krebs who reports on just this type of scam taking place a few weeks ago. This is just one example of a practice that is still far too common, especially as it looks to exploit those who may be in desperate need of employment. We need to take as many cautionary steps when seeking a new role as we do when buying from an unknown online store, or responding to a dubious text or WhatsApp message, and be especially wary if the firm approaches you cold, with an amazing offer of employment.

It doesn’t take much to determine whether a job opening is real or not. Whilst many of us will use LinkedIn or popular job sites such as Indeed, most firms will also list the roles on their own websites. So a starting point is to check to see if the role exists there. Still unsure about the company? When did they register their domain name – if it appears very recent and through a proxy registration that should be a red flag. Look at their address on an online map – does it appear to be real? When you search for the address, what companies are listed? Use tools such as Glassdoor to check on what current and former employees say about the business. Also, search for key individuals on LinkedIn – do they appear to be genuine?

The global economy is still in a state of flux and with economic support for many firms slowly being reduced, the employment market is likely to hot up again. A major “supply” of available people will ultimately increase the demand on vacant positions, and the one thing we know from the world of the fraudsters is when demand increases, so too does fraud.

Just too good to be true…again

We’ve all seen the giveaways on Social Media – whether they are free meals, free holidays, free technology and free cars and we’ve all reacted in the same way, ignoring them. Or have we? Has one particular offer ticked all the boxes and we’ve been tempted?

That’s not a surprise – the amount of personal information available to advertisers on some social media networks means that ads are incredibly targeted today. We can see that in action when you click on a link for a product and then it seems our timeline is awash with similar offers – as we can see from the examples below with these five different ads for the same items that appeared on my timeline within a few days – the legitimacy of the websites hasn’t been verified but that’s another story for another day. This is why social media advertising is an effective solution for many brands – the complex engagement algorithms ensure that we see, frequently, ads for products we like or at least appear to.

The more outlandish the giveaway, the smaller the number of people who engage. However, with over one billion active Social Media users, even a 1% engagement is a million people, all willingly giving away personal (and in extreme cases, financial) data that can be used by advertisers, or worse, sold onto scammers who have more nefarious intentions.

The modus operandi of many of these giveaways is the same. “Like our post, share it with your friends and click on this link so we know where to send the prize”. There is no prize, there is no giveaway. At best, you will be sharing that personal data; at worst, by following the link you could infect your machines with all sorts of malicious scripts and programmes that could seriously damage your wealth. The page may look authentic – correct logo, even some branding – but it is so easy to set up as the template of the pages is that of the social media network. People believe that if it is on Facebook/Instagram/Twitter then it must be real. Whilst the networks do their best to remove content that infringes on intellectual property, they often have to work reactively, and that means some damage will be done.

One recent example involved the car manufacturer Toyota, as reported in this article, with the promise of a new car for one lucky person, to commemorate the brand’s 80th birthday. Except their birthday was nearly four years ago and all someone has done is repurposed their marketing from 2017 to make it seem like a new giveaway. That is how easy it is to create these scams. The return on investment for those behind the fake giveaways is minute – personal information is very valuable to rogue parties and so it only needs a handful of people to engage with an ad for the scammers to be in profit.

It isn’t just expensive items that are given away though. One recent example, prior to the return to pubs and restaurants in the UK promised a free meal at a popular chain just for liking/sharing and submitting a few details. With over 50 million Brits unable to eat or drink out since Christmas, the pent up demand to return to something normal was such that no bar or restaurant would need to offer freebies to get people back!

It is unlikely that we will see less of these ads or giveaways, despite our vigilance, which is why we all have a part to play. As Social Media users we can report any ad that ticks the boxes of being suspicious so their abuse teams can investigate; as brand holders we can use monitoring solutions that detect the use of brand names in social media adverts and campaigns and can take action accordingly. But it is important we do something. The ads may have poor spelling, terrible grammar, use misleading pictures and clearly infringe on intellectual property to an extent that they are laughable, but unless we do something they will continue to get more sophisticated and dupe more people.

Bad maths – when 419 = 40

Unfortunately, it is rare that online fraudsters are caught, let alone prosecuted, which is why the news that one such criminal was arrested and brought to justice is something to note. The case in question didn’t rely on technology or high levels of complex deception, but it underlines that the simplest attempts at scams often yield the biggest results.

In April 2021, in a case heard in front of the Southern District of New York court, the Department of Justice won its case against a Nigerian man living in Atlanta for conspiracy to commit wire fraud. The guilty party was fined $2.7m and imprisoned for 40 months for his scheme based on Business Email Compromise (BEC), a particular form of 401 scam that tricks firms into sending money to genuine-looking third parties.

The defendant worked with a number of other individuals, all of whom targeted large organisations, both in the US and overseas, trying to trick them into paying bogus invoices. The court proceedings outlined the nature of the fraud as follows:

“The group perpetrated a fraudulent BEC scheme through which they deceived dozens of victims, both foreign and domestic, into wiring millions of dollars to bank accounts controlled by the syndicate. The fraud was perpetrated by sending victims “spoofed” emails, which purported to be from counterparties whom the victims knew and trusted, and which contained wiring instructions fraudulently directing the victims to send funds to accounts that were in fact controlled by the defendants and others involved in the scheme.”

In other words, the group gained knowledge of who some of their victims’ service suppliers were, set up bank accounts in those organisations’ names and then sent fake invoices to the companies being targeted. One of the companies defrauded was an intergovernmental organisation headquartered in New York, which lost nearly $200,000.

Over the course of a two-year period, 35 known organisations were defrauded out of almost $2.7m using a relatively rudimentary approach before the group was caught by the FBI.

We are becoming accustomed to fraud and cyber attacks at an ever-growing level of sophistication, which is great. Staff are being educated to see the signs of BEC attacks, social engineering and malware attempts, but sometimes, as this case proves, we also need to ensure that basic procedures for the sign-off of invoices and payments are checked and checked again. Many organisations use specialised payment systems that ensure any authorised invoice is only ever paid to the bank details held on file rather than those on the invoice, but that shouldn’t stop any organisation from simply erring on the side of caution if something doesn’t look right.
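As an added illustration of the “bank details held on file” control described above (example code, not from the article or the court case): a pre-payment check that compares an incoming invoice’s sender domain and bank details against the vendor master record and lists every reason the payment must be verified out of band first. The vendor record and the invoices are constructed sample data.

```python
# Added example, not from the article: a pre-payment check that pays only to
# details already on file and flags anything else for out-of-band verification.
from __future__ import annotations
from dataclasses import dataclass
import re


@dataclass(frozen=True)
class Vendor:
    name: str
    email_domain: str   # domain the vendor is known to send invoices from
    account: str        # bank account number held on file
    routing: str        # sort code / routing number held on file


def normalise(value: str) -> str:
    """Strip spaces and dashes so '12-34-56' and '123456' compare equal."""
    return re.sub(r"[\s-]", "", value)


def check_invoice(vendor: Vendor, sender_email: str, account: str, routing: str) -> list[str]:
    """Return the reasons this invoice must be verified with a known contact
    (by phone, not by replying to the email) before any payment is released.
    An empty list means the invoice matches the record on file."""
    reasons = []
    sender_domain = sender_email.rsplit("@", 1)[-1].lower()
    if sender_domain != vendor.email_domain.lower():
        reasons.append(f"sender domain {sender_domain!r} differs from {vendor.email_domain!r} on file")
    if normalise(account) != normalise(vendor.account) or normalise(routing) != normalise(vendor.routing):
        reasons.append("bank details on invoice differ from those held on file")
    return reasons


# Constructed vendor master record (hypothetical supplier and domain).
ACME = Vendor("Acme Supplies Ltd", "acme-supplies.example", "12345678", "12-34-56")


def demo() -> tuple[list[str], list[str]]:
    # Genuine invoice: same domain, same details written with different spacing.
    genuine = check_invoice(ACME, "billing@acme-supplies.example", "1234 5678", "123456")
    # Spoofed invoice: lookalike domain and a new account number on the invoice.
    spoofed = check_invoice(ACME, "billing@acme-supplles.example", "87654321", "12-34-56")
    return genuine, spoofed


if __name__ == "__main__":
    g, s = demo()
    print("genuine invoice:", "pay to details on file" if not g else g)
    print("suspicious invoice:", s)
```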

The sheer AUDAcity of scammers

Two weeks ago auDA, the organisation responsible for the Australian ccTLD, .au, implemented a new set of rules on ownership of its domain names. Whilst the changes have been controversial within Australia, they have also led to an increased threat from scammers, who have been exploiting the implementation of the new rules by demanding personal information from registrants.

From the 12th April, all new registrants of .AU domain names, and those renewing existing registrations, need to comply with a number of registration criteria designed to protect Intellectual Property holders. Whilst the sentiments behind this are good, those hell-bent on causing issues are utilising the new rules to try to hoodwink unsuspecting domain name owners.

The new rules state that to be eligible to hold any name in the .au ccTLD you must first meet the Australian Presence requirement. For organisations, this requirement can be met by holding an Australian trademark (including a pending application) that appears on the Australian IP database.

Prior to the 12th April, the domain name only had to be “closely and substantially connected” to the registered trademark, which gave organisations the opportunity to register misspellings and domains with subtle differences, providing additional protection against typosquatting. The new rules state that domain names now need to be an exact match of the registered trademark (there is some leeway in the use of punctuation and common adjuncts). If an organisation isn’t able to provide the necessary trademark registration then it will lose its domain name.

For some registrations, proof of Australian presence or citizenship is necessary, which has led to auDA issuing another warning about the rise in malicious activity from scammers who have been contacting existing registrants and asking for copies of identification such as passports and driver’s licences. The nefarious actions were first seen back in January, with very authentic and official-looking emails asking registrants for this information.

Whilst the domain names themselves didn’t appear to be under threat, the fraudsters would use the personal, and in many cases confidential, information from the IDs either to resell it or to assist in fraudulent activity of their own, such as applying for loans, bank accounts and other financial instruments.

The changes will impact brand holders in a number of ways. If they are based outside of Australia they may now need to look at alternative ways of holding and registering their .au domain names, as well as at additional brand protection measures to cover typo registrations. On the flip side, restricting registrations to exact trademark matches means additional cost for any cyber criminals looking to exploit a brand’s IP, as they would need to obtain a trademark registration as well as the domain name.

For more details of the change, please go to auDA’s information page here.