Business Fraud Stories: Part 2.

Janelle's Story - Payment Switching

Janelle is a huge Ed Sheeran fan, as is the rest of her team at work. So when she saw that Ed was playing a concert in Perth, Janelle asked her manager Pam if they could make it into a team event.

Janelle managed to organise a package deal through one of the business’ suppliers and paid them using business banking on her personal laptop.

As usual, she followed all the prompts, double checked the information on the invoice and entered ‘Ed Sheeran’ as the payment description. Pam then logged into her online business banking, saw ‘Ed Sheeran’ in the description and approved.

Two week later the tickets still had not arrived, so Janelle called the supplier who said they were still awaiting payment. She checked the details of the payment and noticed the BSB and account details were different to what she had entered.

Janelle and the business were victims of man in the browser fraud.

What happened?

The computer Janelle used to do her business banking was infected with a banking virus which was advanced enough to change the BSB and account details of a payment even after Janelle had submitted the correct ones. The bank only receives the altered details and processes the payment based on that information.

Pam only checked the description and not the BSB and account details in the payment, so she didn’t pick up the discrepancy and stop the payment being made.

What you should do

You should always check the BSB and account details closely in the pending payments page before approving. Importantly, you should only use a trusted and secure machine to do your banking. Personal devices are trusted however can often be insecure, so make sure you have up-to-date antivirus software.

For more advice visit: Online banking security.