As a financial planner who has worked in financial services since the early 2000’s, I have seen the evolution and risks that technology can pose when it comes to transacting in the digital world.
The term “spoofing,” once familiar to us through comedies like Monty Python, Blazing Saddles, and Austin Powers, has taken on a more dangerous connotation. In today’s digital world, “spoofing” is a tactic used by scammers to disguise their identities and impersonate legitimate senders, at times leading to serious financial consequences.
One concerning trend involves email scams that target families arranging aged care for their loved ones. Scammers have been known to gain access to personal email accounts, intercept communications, and manipulate payment details to redirect significant sums of money into their own accounts.
I had previously heard of a disturbing case where a family was arranging a Refundable Accommodation Deposit (RAD) payment for their parent’s transition into aged care. A hacker infiltrated the family member’s email account, browsing through legitimate emails from the aged care home.
By creating a fake email profile that appeared strikingly similar to the official communications—complete with logos and an almost indistinguishable email domain name—the scammer masked their identity.
Using accurate details such as the aged care resident’s name, address, and room number, the hackers altered the bank account information for the payment. This resulted in a substantial sum, meant for the aged care home, being diverted to the scammer’s account, leaving the family with no recourse to recover the lost funds.
However, I’ve also seen situations where these scams have been caught in time. In one recent incident, a vigilant bank teller noticed discrepancies between the bank account details provided and the records for the aged care home, preventing the fraudulent transaction.
Grateful for the intervention, the family member immediately took steps to secure their email account with stronger passwords and enhanced security measures.
In my role, I stress the importance of vigilance when handling sensitive information such as bank account details, tax file numbers, superannuation information, and other personal data.
I advise that these should never be shared online or through email without proper safeguards in place. It’s critical to be proactive about securing online communications to prevent such devastating outcomes.
I also encourage my clients and others to adopt additional precautions: verify payment details through a separate communication channel before making any transfers. In situations like the one above, it’s always safer to call the aged care home directly to confirm payment details over the phone or, if possible, in person.
Most importantly, I recommend protecting email accounts and crucial online data with strong passwords and two-factor authentication to minimize the risk of unauthorized access.
As cybercriminals continue to evolve their tactics, it’s essential for families and aged care providers to stay informed about these threats and take steps to safeguard themselves. By sharing these experiences and raising awareness, I hope to help others avoid falling victim to similar scams.
Rob Jeselnik is Principal and Financial Planner at Wealth Dimensions Financial Group