Jeffrey’s* business account was due $91,000 from a client who normally always paid on time.
He called the client and the client said the bill had been paid “weeks earlier” to Jeffrey’s new bank account.
Jeffrey said: “What new bank account?”
That’s when Jeffrey realised their business email had been compromised and the client had been sent an email with a scammer’s bank account details – and the client had paid it.
For Jeffrey, his business was $91,000 out-of-pocket, meanwhile the client was under the impression they’d settled a debt.
Who in this situation is liable? Jeffrey’s business, as their email was compromised, or the client as the client didn’t check why the bank account details had changed?
Unfortunately, business email compromise is common in Australia.
The Australian Competition and Consumer Commission’s June 2020 Targeting Scams report said the…