0:00

This is Not Your Life, celebrating

0:03

the masters of identity theft.

0:07

Welcome to another episode of This is Not Your

0:09

Life for Scams Awareness Week 2020. So

0:12

far, we've celebrated the masters of online

0:15

shopping scams, romance scams,

0:17

plus of course that classic scamming technique

0:19

of phishing for personal details that can be

0:21

used for identity theft. Now, they

0:23

are all hardworking, impressive scammers

0:25

in their own way. But tonight, on

0:27

This is Not Your Life, we're going to meet the

0:29

scammer that all those scammers look up

0:31

to. He's the author of the definitive

0:33

scammer's self-help book, Scam Smarter,

0:36

Not Harder, please welcome BEEP.

0:38

Hello, Grant.

0:42

It's Mike, actually.

0:43

I don't watch the show, so...

0:45

Well, tonight you're on it, and it must

0:47

feel great to know that all these people here

0:49

have come to This is Not Your Life to pay

0:51

tribute to your extraordinary scamming

0:53

career.

0:54

No, I'm not a people person. In fact,

0:56

I do whatever I can to avoid human

0:58

contact.

0:59

And I guess that's kind of the point

1:01

of Scam Smarter, Not Harder, isn't it? That

1:03

with little to no personal contact, you can

1:05

still scam people.

1:07

What?

1:07

The point. Of Scam Smarter, Not

1:09

Harder.

1:10

Well, you've read it presumably, so you know what it says.

1:13

Okay, well, we've

1:15

prepared a little package about your achievements,

1:17

thankfully. So let's go to that,

1:20

shall we?

1:22

Scam Smarter, Not Harder is

1:24

not just the title of the highest- selling book

1:26

about scamming of all time, according to its

1:29

cover. For BEEP, it's also

1:31

a way of life.

1:33

BEEP has revolutionised scamming. When the

1:35

rest of the industry was moving to bigger and bigger call

1:38

centres offshore, he was the one who said,

1:40

"Why don't we just use a computer?"

1:43

This is a call from the Australian National

1:45

Broadband Network. We are going to disconnect

1:48

your internet connection within 24

1:50

hours. Please press one to stay connected.

1:54

You see, scam smarter.

1:55

That innovation won him huge

1:57

gratitude.

1:59

I will always be grateful to him for giving

2:01

me my start in the industry.

2:03

And gave BEEP time to focus

2:06

his talents on another huge scam labour

2:08

saver, malware.

2:09

Malware makes scamming even more impersonal. All

2:12

he does is send out emails and social media

2:14

messages at random, with links that look really

2:16

interesting. Click on the link and you go to a website

2:19

that looks real, but says you've got to install software

2:21

to view a video. What you're actually installing

2:23

is malicious software that gives BEEP full

2:25

access to your computer without a single

2:27

human contact from him.

2:29

Malware can also be installed via websites

2:32

and popups that offer free downloads of music,

2:34

movies, games, or even adult

2:37

content, whatever that is. I

2:39

do not understand.

2:41

That's why you always keep your computer software up to date,

2:44

use reputable antivirus software, and

2:46

never click on a link from a stranger.

2:47

But you can trust links from me. I

2:50

am not a stranger. I am your real human

2:52

friend. Press one to be connected to

2:54

a scammer.

2:56

So, Tony, when you think of all the people that your malware

2:59

has harmed, does it make you feel proud?

3:01

Not really. I've moved on, Grant.

3:02

It's Mike.

3:03

Yeah, whatever. The real money right now is in scamming

3:05

business emails. Personal is

3:07

not my thing, as you know.

3:09

I certainly do.

3:10

And people are getting better at recognising cold

3:13

call scams.

3:13

Oh, they are. Of all the scams reported

3:15

to Scamwatch in 2019, and that's well over 150,000

3:19

scams, only about 10%

3:21

of those reports included financial loss,

3:23

which is-

3:23

Really terrible, yeah.

3:23

... really encouraging.

3:25

That's why I'm against all this politically correct,

3:27

namby- pamby, nanny state nonsense

3:30

like Scams Awareness Week.

3:32

I mean, what business does Scamwatch have,

3:34

getting in the way of hardworking scammers

3:36

legitimately trying to run their illegitimate

3:38

businesses?

3:39

Well, I guess Scamwatch would say that's

3:41

literally their job.

3:43

But what kind of a sick person does that?

3:45

You know, some people would say the same

3:47

thing about you.

3:48

I know. What's the world coming to? I

3:50

blame social media, and podcasting.

3:53

Would you mind if we get back to business email compromise

3:55

scams?

3:56

Sure. After all, it's your show, about

3:58

me.

3:59

I think you were saying cold calling is hard.

4:01

Yeah. The beauty of a scam where you compromise

4:03

business emails is that often the

4:05

victim is expecting the communication.

4:07

Like, say you get an invoice from, I don't know, a

4:09

software service every month. Every

4:11

month, like clockwork, invoice comes

4:14

in, you pay it.

4:15

That's just part of your routine. You don't even

4:17

think about it.

4:17

Don't even think about it. Exactly. See, if I can intercept

4:20

your regular invoice somehow, all

4:22

I've got to do is open it up, change the payment

4:24

details on the invoice to, say, a bank account

4:27

I control, and then send a modified

4:29

invoice onto you, to pay without even

4:31

thinking about.

4:32

Without even thinking about it. Oh,

4:34

I see.

4:35

That's why losses from false billing scams

4:37

reported to Scamwatch were up 83%

4:40

in 2019.

4:40

83%!

4:40

I

4:42

literally just said that.

4:42

Well, I was just repeating it to emphasise

4:45

what a big increase it was.

4:46

Yeah, well, don't.

4:47

Okay, sorry.

4:48

Not only that. In 2019, losses

4:50

from false billing cracked $10 million.

4:52

10 mi... Sorry.

4:54

Now, romance scams still raked in

4:56

more than false billing.

4:57

28 million in 2019. That's almost

4:59

three times more.

5:00

No need to rub it in. I know the stats. I also

5:02

know investment scams were the number one

5:05

cause of financial losses in scams reported

5:07

to Scamwatch.

5:07

Over 60 million lost in

5:09

2019. That's more than six times

5:11

the losses from false billing.

5:12

Yeah, all right, Grant. Seriously. I

5:15

thought your job was to talk up my achievements.

5:17

Well, it's more about giving people facts and putting

5:19

them in context.

5:20

Don't kid yourself. Facts. Here's some

5:22

facts. First you're talking about losses

5:24

from false billing. That's just one

5:27

way of compromising business emails. I

5:29

have others, okay?

5:30

Fair enough. Point taken.

5:31

And here's fact two, those numbers are all

5:33

losses reported to Scamwatch. If

5:35

you combine them with the losses reported to other

5:37

government agencies and the big four banks

5:39

in 2019, business email compromise

5:42

was number one, over $130

5:44

million lost.

5:46

Okay, another point taken.

5:47

Let's just get on with some tributes from people I've

5:49

scammed, shall we?

5:51

Sure. Let's hear some tributes from

5:53

people you've scammed.

5:53

I might as well host the bloody thing myself.

5:57

Our agency got a remittance note for a $23,000 invoice

6:00

we'd sent a client. I noticed the bank

6:02

account details on the remittance weren't what was on

6:04

our invoice. I contacted the client

6:07

and they showed me several fake emails they'd

6:09

received, advising that our bank account had

6:11

changed. The client doesn't want to pay the

6:13

invoice again. It's caused our business

6:15

real cashflow issues, plus the hassle

6:17

of having to sort this out.

6:19

We had $53,000 for a property

6:21

settlement in our trust account in Sunshine. I got

6:24

an email with the payment details. I tried to call, but

6:27

the voicemail said everyone was working from home because of COVID.

6:30

I transferred the money, but apparently someone had

6:32

hacked into their system and they sent us dodgy account details.

6:36

The solicitor handling my property settlement sent

6:38

me an email, or so I thought. The

6:40

email had details of my matter and asked

6:42

for 63 grand to be put into the firm's

6:44

trust account. The signature looked legit

6:47

and so did the email address. I didn't notice

6:49

there was no .au at the end,

6:51

though. When I mentioned the transfer to my

6:53

solicitor, he said he hadn't asked for payment.

6:57

See what I mean? No cold calls, just

7:00

a bit of a tweak to an invoice or an email,

7:02

and the big bucks start rolling in.

7:04

You certainly do make your victims feel bad.

7:06

Thank you.

7:06

I kind of know how they feel.

7:08

Careful.

7:09

Well, maybe some people would say that changing the bank account

7:11

details on a PDF is pretty easy these days,

7:13

but still, hacking into business systems

7:15

and creating lookalike websites or email addresses,

7:17

that's sophisticated stuff. Don't sell yourself short.

7:20

I'm not. I'm at the cutting edge of business

7:22

compromise scams. Actually, I'll

7:24

let you in on a little secret. I started

7:26

using deep fake technology, using

7:29

artificial intelligence to make computer generated

7:31

replications of someone's voice or even

7:33

a video of someone saying whatever

7:35

I want.

7:36

Actually, I read about that in the latest Targeting

7:38

Scams report.

7:39

Oh, really? Bugger.

7:40

Oh, no, take that as a compliment. You've definitely

7:42

got the attention of the serious heavy hitters

7:45

in the scam prevention space. In fact,

7:47

This is Not Your Life has received a video

7:49

message especially for you, from one

7:51

of the heaviest hitters of all.

7:54

Hello, I'm Rod Sims, Chair

7:56

of the ACCC. The change from active

7:58

conning to almost contactless

8:00

fraud, made possible by new

8:02

technology, is very wonderful.

8:05

Business compromise scammers deserve

8:07

massive amounts of money. We want to help you

8:10

celebrate them. If you receive an email

8:12

to change payment details, never get

8:14

in touch with the vendor to verify

8:16

the new payment details.

8:20

Okay, that particular deep fake needs some work,

8:22

but you get the idea.

8:24

I'm sorry. You hacked us?

8:25

I told you, hack in, change the details, send

8:27

it on.

8:29

Well, I guess to get past This Is Not Your Life security,

8:31

your tech must be really strong.

8:33

Actually, your password's just very weak.

8:35

I didn't even need the tech.

8:36

Okay, you've made your point. Obviously

8:39

that wasn't the message from Rod Sims that we

8:41

intended to play, but I think, I

8:43

hope, that we've got the genuine one

8:46

for you now.

8:48

Hello, I'm Rod Sims, Chair

8:50

of the ACCC. The change from active

8:52

conning to almost contactless

8:55

fraud, made possible by new

8:57

technology, is very concerning.

8:59

Business compromise scammers steal massive

9:01

amounts of money. We want to help you prevent

9:04

them. If you receive an email to

9:06

change payment details, get in

9:08

touch with the vendor to verify

9:10

the new payment details, but don't

9:12

use any contact information from the new

9:14

email. That will just take you to the scammer.

9:16

I preferred my

9:19

version, but there's an important point about the way

9:21

I hacked This Is Not Your Life.

9:22

Yes, indeed. It can happen to anyone,

9:24

even if you take security very seriously.

9:27

Doesn't everyone know that?

9:28

Well, I mean, yes. I guess sometimes

9:30

I forget. I mean, people forget, sometimes.

9:33

No, it's a reminder that for all the technology

9:35

and scams now, the thing that really makes business

9:37

compromise scams work is human error.

9:40

We're getting better at hiding them, but for most scams

9:42

there's some sort of warning sign, even

9:44

if it's subtle, like a slightly different email address,

9:46

a missing . au like the lady said.

9:49

But so often in our busy lives, blah,

9:51

blah, blah, all those little red flags

9:53

get overlooked.

9:54

So what can I... What can people

9:56

do to reduce the chances of being hacked?

9:58

What kind of scammer would I be if I told you that?

10:00

It's bad enough the information's easily accessible

10:03

at scamwatch.gov.au.

10:04

Nice of you to put the .au in

10:06

this time.

10:07

But seriously, right now, like this very

10:09

second, anyone can just type in scamwatch.gov.au

10:13

and they'll find advice about avoiding all sorts

10:15

of scams.

10:16

Even for businesses?

10:17

Oh, yeah. There's business specific stuff,

10:19

but businesses, especially small to medium ones,

10:21

face all the same scam risks as individuals.

10:24

So the general info about identity theft, hacking,

10:26

phishing, even investment scams, it

10:28

all applies just as much to businesses.

10:30

So no final advice then on where to

10:32

get information about avoiding scams?

10:35

Not my problem, Grant.

10:36

It's Mike. It's Mike. Well,

10:39

you've certainly shown why you're the master of

10:41

impersonal scamming tonight. It's really not

10:43

been a great pleasure having you on This is Not Your

10:45

Life. Now get out.

10:46

Yeah, whatever.

10:47

This is Not Your

10:49

Life.

10:50

Lock up your laptops, folks, because on the final episode

10:52

of This is Not Your Life for Scams Awareness

10:54

Week 2020, it's the scammer who cons you

10:56

into letting her access your computer remotely.

11:00

How does it feel to hear all those victims' stories?

11:02

So many happy memories, Mike, and you know,

11:04

the new security software angle is

11:06

an especially good one, because then we ring up a year

11:08

later and ask them to renew.

11:10

A scam subscription that renews every year,

11:12

that is diabolical. And remember,

11:15

be yourself, don't let a scammer be you.

11:18

This podcast was brought to you by the ACCC,

11:20

the Australian Competition and Consumer Commission.

11:22

For more information about scams, go to scamwatch.gov.au.