Author: Teamwsib

How to spot five common impersonation scams

All scams involve a form of impersonation, but some disguises are more popular and effective than others. Here’s how you can spot five common types of impersonation scam and help keep your money protected.

See below on how to spot common impersonation scams.

1. Bank impersonation scams

Bank impersonation scams are common in Australia and increasingly hard to spot. Scammers can make their calls and text messages appear to come from your bank, they can even send you text messages that appear in the same chain as other legitimate messages. Scammers may also use phone numbers that are similar to a bank’s legitimate phone number – hoping you won’t detect the difference.

Search icon
Watch out for

Any request for payment, personal details or login credentials from a person or institution claiming to be from your bank.
Phone with message icon
A real-life example

Scamwatch has warned of a rise in scammers saying they’re from a legitimate bank, often claiming they’re from the fraud department. They may refer to your account being compromised, a suspicious transaction, or an online banking outage and urgently ask you to transfer your funds or share your login credentials to protect your accounts.
Tick icon
Safety tip

Your bank may legitimately contact you if they suspect suspicious activity on your account. But your bank will never ask you for login credentials such as your banking password, and they won’t ask you to make payments or transfer money.
Phone with a Macquarie Authenticator message

You’re in control

Multi-factor authentication (MFA) is popular and generally effective. However, it’s important to know that if you’re using SMS for multi-factor authentication, it’s not the safest option on the market, as SMS can be compromised.

For example, if your phone number is illegally ported, a criminal can receive your messages – including from your bank – and use them to get access to your accounts.

Macquarie customers can use Macquarie Authenticator instead of SMS to verify important transactions and account activity.

2. Government impersonation scams

To gain your trust, scammers often pretend to be from government organisations or departments. This can include Services Australia, Centrelink or the Australian Taxation Office. Increasingly, scammers are also claiming to be agents of international authorities, targeting culturally and linguistically diverse communities.

Search icon
Watch out for

An unsolicited email or text which contains a link or an urgent request for payment, your login credentials or your personal details. Scammers may also call and threaten arrest, deportation, or other legal action.
Phone with message icon
A real-life example

The NSW Government is aware of several scams circulating using Revenue NSW and Service NSW branding. These scams are seeking urgent payment for fine notices that do not exist.
Tick icon
Safety tip

Government organisations won’t ever send a link asking you to log in to online services (such as myGov) in a text message or email, or with an urgent request for payment.

3. Celebrity impersonation scams

A tactic that is growing in popularity on social media is scammers using the image and name of a well-known person to endorse their fake product, scheme or investment scam. Often, scammers create fake profiles, using legitimate images, to appear trusted. Romance scammers may also pretend to be a celebrity, typically using social media as their starting point for a conversation.

Search icon
Watch out for

Videos or images which show a public figure endorsing an investment opportunity. Deepfake technology is often used in celebrity impersonation scams, making a fraudulent video or image appear legitimate.
Phone with message icon
A real-life example

The Australian Competition and Consumer Commission (ACCC) shared that an Australian lost $80,000 in cryptocurrency after viewing a deepfake video of a public figure on social media. The victim registered their details, invested their funds, and watched their significant returns grow via an online dashboard. However, the setup was fake, and the money was stolen by scammers.
Tick icon
Safety tip

Often, a well-known public figure will issue a warning about scammers impersonating them. In addition to independently verifying any investment opportunity you find, you can search for warnings issued by the celebrity endorser.
Phone with a pop-up scam message

What to do if you’re scammed

If you’re the victim of a scam, it’s important to remember that you’re not alone. Scams are common in Australia and worldwide, and there are support services available to you, including steps from the Australian Government to help guide you.

Unfortunately, scammers often target victims again, with the promise of helping them recover some of their lost funds. Never engage with unsolicited or advertised support for scam recovery services, only work with trusted institutions such as your bank or government agencies, using contact information you have independently verified.

4. Family and friends impersonations

‘Family and friends’ impersonation scams involve a scammer pretending to be someone you know who needs your help urgently, usually in the form of payment. Sometimes scammers may even use a photo of a family member or friend, or deepfake technology to impersonate them in a voice note or video.

Search icon
Watch out for

A message via text or social media with a request to transfer money or share login details, from a number or person you don’t recognise. The text may suggest your family member or friend is in urgent need of support.
Phone with message icon
A real-life example

The ‘hi mum’ scam has cost Australians millions, according to Scamwatch. This is when a scammer will pretend to be a person’s child contacting their parent from an unknown number, claiming to have lost or damaged their phone. They’ll often request money or banking login credentials to help them recover their device.
Tick icon
Safety tip

If you’re contacted by someone claiming to be your son, daughter, relative or friend, start by calling them on the number already stored in your phone to confirm if it’s not in use. Even if you’re unable to make contact, you should still assume a scammer is trying their luck. You could try asking personal questions a scammer couldn’t know the answers to, being careful never to reveal any sensitive information in the process.

 

5. Job impersonation scams

These types of scams involve the impersonation of trusted companies to encourage you to part with your money or grant access to your bank account. There are many layers to job impersonation scams, from scammers offering low-effort, high-income jobs that require an upfront payment, to scammers asking to use your bank account to hold and transfer money – and pretending it’s a legitimate part of the role they’re offering.

Search icon
Watch out for

Job opportunities that are unsolicited or appear too good to be true, including an income higher than the market rate for relatively low hours or a role that never requires you to meet your employer in-person.
Phone with message icon
A real-life example

The Australian Federal Police warns scammers are targeting students and offering them payment to receive money into their bank account and transfer it to another account or cryptocurrency exchange. Known as ‘money mules’, these students are often recruited via fake job offers and may be unknowingly transferring stolen money.
Tick icon
Safety tip

Never enter any employment arrangement that asks for upfront payment or access to your bank account.

 

Your steps to staying safe

Sophisticated technology means scammers can convincingly appear to be someone you know or an institution you trust. No matter what the situation, you can help keep your money protected by following these principles.

Speech bubble icon

Pause

Take a moment and think, does this offer seem too good to be true? Ask yourself, is it unusual for this person I know, or this stranger or celebrity I don’t know, to be contacting me like this?

Processing icon

Process

Independently verify any investment opportunity or request for contact using research and contact information you find on your own. If in any doubt, don’t proceed.

Security icon

Proceed

Only move forward if you’re confident in your independent verification and remember – a bank, financial institution or government agency will never urgently require you to transfer money or share your sensitive information.

How to avoid scammers

Scammers are constantly evolving their tactics to target small businesses. The federal government’s Scamwatch site is a great resource for understanding the latest scams and for reporting a new scam.

Knowing what scams are out there and what you can do to help prevent them can be crucial for safeguarding your business. Here are some of the most common scams and their tactics, to help protect you and your business.

  • In a phishing scam, cybercriminals send emails that, at a glance, appear to come from reputable sources. These emails are laced with malicious links or attachments designed to pilfer sensitive information. These scams rely on clicking harmful content so the criminals can get into your system. Vigilance is paramount; always verify the legitimacy of any email before taking any action
  • With invoice scams, fraudsters send fake invoices, banking on being paid without being scrutinised. These invoices closely resemble genuine documents, making them difficult to distinguish from the real thing. Businesses are vulnerable, as the sheer volume of invoices processed can make it challenging to catch every deception. Implementing stringent verification processes and maintaining open lines of communication with suppliers can help thwart these attempts
  • Business email compromise (BEC) is a particularly insidious scam where hackers impersonate executives or trusted colleagues, requesting money transfers or sensitive information. The sophistication of these scams often involves compromising email accounts, making the requests appear legitimate. The financial implications can be severe, underscoring the importance of robust email security protocols and employee training
  • Tech support scams involve emails from legitimate IT support services. These fraudulent entities claim to help fix computer issues but instead install malware or charge exorbitant fees for unnecessary services. The key to avoiding these scams is to be wary of unsolicited tech support offers and seek assistance only from known and trusted sources
  • Fake business opportunities are another common scam, where offers that seem too good to be true require upfront payments or personal information. These scams can lead to financial loss and compromise sensitive data. It’s essential to be wary of any opportunity that demands payment before providing value.

Stop scammers in their tracks

Education is paramount to help prevent scams. Here are some steps that can help increase your team’s understanding of scams and how to deal with them.

  • Hold regular sessions to teach your employees how to spot scams. Use real examples to make the training relevant and engaging
  • Keep scam awareness top of mind with posters, newsletters and reminders around the office. Regular communication helps reinforce best practices
  • Test your team with phishing simulations to identify vulnerabilities and improve responses to actual threats
  • Mandate multiple approvals for large transactions to catch fake invoices and suspicious requests
  • Educate your team that urgent requests, unfamiliar accounts or deals that seem too good to be true are red flags.

Cyber insurance can provide important protection in the event your business experiences a cybersecurity incident. But it’s a last line of defence and it’s essential to have all the right mitigation strategies in place to prevent scammers from successfully breaching your systems and protocols in the first place.
Contact your Steadfast broker today to find out more about the latest scams and how to help prevent them.
For customised insurance advice and on cyber insurance please contact our experienced account brokers us at (02) 9587 3500.

Important notice
This article is of a general nature only and does not take into account your specific objectives, financial situation or needs. It is also not financial advice, nor complete, so please discuss the full details with your Steadfast insurance broker as to whether these types of insurance are appropriate for you. Deductibles, exclusions and limits apply. You should consider any relevant Target Market Determination and Product Disclosure Statement in deciding whether to buy or renew these types of insurance. Various insurers issue these types of insurance and cover can differ between insurers.
Steadfast Group Ltd ACN 073 659 677

Return to Work Programs

As we enter into the festive season many businesses are starting to wind down operations and deservedly so after another busy year. However, Saunders Safety & Training have received a record number of enquiries pertaining to Return to Work Programs and just like the summer weather, things are heating up!

 

A Return-to-Work Program is a NSW specific Policy setting out an organisations commitment to supporting a staff member through their recovery from injury or illness resulting from a workplace incident. It needs to clearly set out who within an organisation is delegated authority to support your people, how those people are equally supported by other internal and external stakeholders, and how sensitive information is stored and used in the future prevention and management of workplace injury.

 

Most employers are legally required under the various pieces of Legislation & Guidelines to hold a compliant Return to Work Program, show evidence of consultation with the workforce (and potentially the industry union), and update the program at least every two years.

 

The increasing number of enquiries coming through Saunders Safety & Training for assistance in this space is reactive to audits and inspections undertaken by the State Insurance Regulatory Authority (SIRA) and unfortunately many of these enquiries are coming with Performance Improvement Notices (PIN) and financial penalties to the company.

 

As we head into the holiday season, it is a timely reminder safety in the workplace never stops and nor does the attention of the safety regulator. We strongly encourage all employers to review their policies and where needed and reach out to Saunders Safety & Training who have the capability to deliver these policies and education to prevent financial and reputations damage to the organisation.

Utilising Insurance to Enhance Your Employee Benefits Program

Incorporating insurance options into your employee benefits program can significantly enhance the value and appeal of your organisation, positioning it as an Employer of Choice while improving employee retention and satisfaction.

Here are some strategies to effectively utilise insurance:

  1. Group Journey injurY 

    This product is intended to provide personal accident insurance to Australian based businesses, partnerships, joint ventures, charities, educational institutions, corporations, organisations and government bodies for injuries sustained whilst their employees are travelling to or returning to their homes, for the purpose of commencing or following the completion of their days’ work.

    It is designed for customers seeking cover to mitigate the financial loss they may face as result of their employees suffering from unexpected accidental death, injury or disability as a result of an accident occuring whilst their employees are travelling to or returning to their homes from their usual place of work, for the purpose of commencing or following the completion of their days’ work. It is designed for customers to choose the appropriate options and selection of covers. The product contains different cover benefits depending on the selected cover type and has a range of specified covers as well as optional covers that may be available to customers at a varied cost.

  2. Group Personal Cyber Protection

     

    As technology continues to infiltrate our lives, protecting yourself and your family against cyber risks has never been more important. Personal Cyber Protection Insurance is an important part of any household’s cyber risk mitigation and recovery strategy.

    Emergence Insurance (Emergence) has claimed an Australian “first” with the launch of its group personal cyber insurance, which employers of any size can offer as an employee benefit for team members. The offering covers employees and their family members. It could cost less than $1 weekly per employee and has no excess, according to Emergence.

    Emergence’s group personal cyber policy provides cover up to $20,000 for each insured person for cyber events that could affect their home IT, including malware, cyber espionage, cyber extortion (ransomware), denial of service attacks, and hacking.

    The cover also includes cyber event response costs such as credit and ID monitoring and the costs of cyber extortion, data restoration, legal, notification, technical management, and virus extraction. Additionally, it provides access to 24/7 incident response hotline and cyber breach experts.
    For more information, refer to Emergence;
    Emergence Insurance: Australia’s award-winning cyber insurance

  3. Discounted travel Insurance solution

    Incorporating Travel Insurance Benefits for your employees can add to the value of working with your business. See Warren Saunders Insurance Brokers collaboration with World 2 Cover Travel Insurance to include in your Employee Benefits Program today. Contact us for customised items for your company.

    See more here:
    WSIB Personal Travel Insurance – Warren Saunders Insurance Brokers

  4. Group Salary continuity 

    Salary continuance insurance offers financial support if you’re unable to work due to sudden illness or injury. It’s held within a super fund, meaning your premiums are deducted from your super balance instead of your bank account. When you make a claim, benefits go into your super before being released to you.

    You can purchase salary continuance cover from your own superfund or your employer may provider group salary continuance as part of its benefits. This can be paid for by the employer, or there can be an arrangement whereby the employer pays for a portion and the employee pays for the other portion, or the employee can pay for it all.

    For more information on this topic, please refer to Tempus Wealth;
    Home – Tempus Wealth

By strategically integrating insurance into your employee benefits program, you can enhance employee satisfaction, attract top talent, and foster a more engaged and productive workforce.

For more information, please contact our experienced Account Brokers at (02) 9587 3500. 

Changes to use of Silica in the Workplace

WorkSafe has completed 92 unannounced inspections of stone suppliers and manufacturers since Victoria’s engineered stone ban took effect on 1 July. The visits have caught out a small number of duty holders, with three now referred for investigation for suspected supply and processing of engineered stone products in breach of Occupational Health and Safety Regulations.

WorkSafe’s Silica Field Team has also issued 38 compliance notices since July 1, including non-disturbance notices to prevent the supply of engineered stone products. Inspectors have additionally seized a number of samples for testing of silica content. WorkSafe Executive Director Health and Safety Sam Jenkin said regular inspections would continue to drive home the message that complying with the ban is a legal requirement – not an option.

This spike in cases is linked to a rise in the manufacturing and use of engineered stone. So what is crystalline silica and how do we protect our workforce?

What is it?

Crystalline silica is a mineral compound found in soil, rock and sand. Respirable crystalline silica (RCS) is generated by the vigorous processing of compounds that contain crystalline silica in the form of dust. Examples of processing activities are, cutting, sawing, drilling, grinding and polishing materials that contain crystalline silica. RCS particles are very small, as such they are likely to remain airborne longer than larger dust particles and are invisible to the naked eye. Compounds and the amount of RCS contained are outlined below:

  • Granite
  • Shale
  • Natural Sandstone
  • Composite
  • Aggregates, mortar, concrete

What does it do?

When generated, RCS may be inhaled, lodging deep within the lungs. A number of diseases have been associated with the inhalation of RCS with silicosis being the primary disease.

Silicosis is divided into three main types:

Acute silicosis may develop after exposure to very high levels of RCS over a short period of time, within a few weeks or years. Acute silicosis causes severe inflammation and an excess protein in the lung.

Accelerated silicosis may develop after exposure to moderate – high levels of RCS over the period of 3-10 years. Accelerated silicosis causes inflammation, protein in the lung and scarring of the lung.

Chronic silicosis may develop after exposure to lower levels of RCS long term and causes fibrotic nodules and shortness of breath. Chronic silicosis may include progressive massive fibrosis where the fibrotic nodules in the lung aggregate.

Additional diseases associated include; Chronic Bronchitis, Emphysema, Kidney damage, Lung cancer, Scleroderma

Who in particular is at risk?

Workplaces that manufacture, install or modify engineered stone have experienced a spate of instances of silicosis over the past few years, however it is expected that the number of cases recorded do not accurately reflect the number of instances occurring as it is not presently a reportable illness.

Additional workplaces that may provide an exposure include; building, construction and demolition work, preparing kitchen benchtops – stone, excavation, blasting, mining, brick manufacturing, road building, stonework, explosives, foundry.

Activities:

  • brick cutting
  • grinding masonry
  • concrete cutting, chiseling
  • cleaning up dust and debris from above mentioned
  • cutting and working with manufactured stone

How can exposure be controlled?

As silica becomes respirable in dust form, it is important that exposure to dust is minimised to acceptable, safe levels. At the time of authoring Safe Work Australia’s Workplace Exposure Standard requires that respirable silica dust not exceed 0.1 mg/m³ as an eight hour time weighted average. To achieve this, it is recommended that dust extraction, wet cutting practices, isolation of the process area and the use of appropriate personal protective equipment such as respiratory equipment, be

implemented. Local exhaust ventilation and wet dust suppression practices have been shown to reduce dust by up to 99%.

Important notes:

Health monitoring of employees engaged in activities that are exposed to RCS are included in relevant WHS/OHS legislation. Abrasive blasting of material containing >1% crystalline silica has been banned in Victoria and dry cutting of engineered stone has been banned in Queensland.

Additional information:

  • Health Monitoring for Exposure to Hazardous Chemicals – Guide for persons conducting a business or undertaking
  • Health Monitoring for Exposure to Hazardous Chemicals – Guide for workers
  • Health Monitoring for Exposure to Hazardous Chemicals – Guide for medical practitioners

Sources
Vero Insurance
Safe Work Australia

Lessons from Triage – Labour Hire

A standard question asked when a Public/Products Liability policy is placed is whether the insured engaged labour hire personnel and/or contractors or sub-contractors. A situation that comes up regularly is with what I will call internal labour hire. This arises where the insured has two companies. One company carries on the business. The second company engages all of the employees. The second company takes out worker’s compensation insurance.

What we see is an employee of the second company injured while working in the business of the first company. The worker’s compensation insurer pays the claim and seeks recovery from the first company. 

The first company then seeks cover under their Public Liability policy. The effect of these internal labour hire arrangements is that they effectively turn the Public Liability insurer into a Worker’s Compensation insurer. 

Liability insurers do not want to be in that position and their response to these kinds of arrangements is usually to either decline the risk, accept the risk with an exclusion or put on a high excess (in one recent claim, the excess was $100,000). 

Internal labour hire arrangements seem to be recommended by accountants. From the perspective of an accountant, they may be prudent arrangements. 

However, from an insurance perspective, they are potentially catastrophic.

If you have questions, please contact your experienced account broker at theteam@wsib.com.au or phone 02 9587 3500.

Source:
Steadfast

Cyber awareness: Wrongful use of licensed music

Sony Music has sued Marriott in Delaware federal court, accusing the hotel chain in a lawsuit made public on Monday of using more than 900 of its artists’ songs without permission in Marriott advertisements on social media platforms.

The lawsuit names 931 songs, that Marriott and influencer partners allegedly misused, including hits by Beyonce, Michael Jackson and Harry Styles, potentially making Marriott liable for more than $139 million in statutory damages under U.S. copyright law.

Representatives for Marriott and Sony Music did not immediately respond to requests for comment on the complaint.

According to the complaint, Sony Music told Marriott in 2020 that social media pages associated with its hotels were using Sony Music recordings without its authorization. The lawsuit said Sony Music’s notices have continued through this March.

Sony Music also said that Marriott’s infringement is continuing, with at least 47 new instances in May alone. The complaint said that Marriott’s ads “rob Sony Music of the substantial licensing revenues it is entitled to.”

If you have any further questions please reach out to our cyber guru, Scott Scala at WSIB on scotts@wsib.com.au

Sony Music asked the court for an order blocking Marriott from using its music in addition to monetary damages. The case is Sony Music Entertainment v. Marriott International Inc, U.S. District Court for the District of Delaware, No. 1:24-cv-00598.
Source: Reuters 

October is National Safe Work Month!

National Safe Work Month encourages businesses to prioritise work health and safety and take preventative action to reduce the number of work-related injuries, illnesses and fatalities. The campaign aims to promote a positive safety culture and to emphasise the importance of good WHS practices. No job should be unsafe, and no death or injury is acceptable. National Safe Work Month provides a valuable opportunity to raise awareness of WHS and highlight the collective benefit safe and healthy work has to individuals, organisations, and the wider community.

 

The 2024 edition of Safe Work Month is ‘Health & Safety is everyone’s business’ encapsulating the growing need for a healthy and safe workplace environment, and the potential positive impacts and benefits to businesses who buy in to these strategies. Each of the 4 weeks brings with it a different topic, including WHS fundamentals, Psychosocial Hazards, Risk Management fundamentals and Musculoskeletal injuries.

 

Week One focuses on Work Health & Safety Fundamentals and promotes a return to basics philosophy focusing on strategies such as identifying risks, consultation with the workforce, and training and education of the workforce. Week Two transitions to one of the more recent focus areas being Psychosocial Hazards, where the call to action will be for businesses to educate themselves on what these hazards are, and the impact they have on the person and the business. Week Three moves towards the risk led approach of Risk Management; the continuous cycle of identify, assess, control, review and improve. Week Four aims to target the long-standing risk of musculoskeletal injuries and how businesses can improve their productivity through the reduction of these incidents.

 

The SafeWork Australia website is a great starting point for businesses who are looking for tools and resources to tap into to help you start or continue along your health and safety journey: https://www.safeworkaustralia.gov.au/national-safe-work-month

 

If at any point you are looking to discuss a situation in your own business, or simply looking for a trusted partner to assist your business with risk mitigation, do not hesitate to contact us at Warren Saunders Insurance Brokers today. We have an ever-growing team of insurance and safety experts who can help you navigate the plethora of opportunities out there in today’s market.

Workers Compensation Premiums creating a financial pinch?

As we move closer to another end of financial year where the majority of employers renew their Workers Compensation policies, it’s timely to remind businesses of the changes coming especially specific to industry risk rates.

All four government funded schemes in NSW, QLD, VIC and SA have seen increases to most industry risk rates which in turn will likely drive a higher premium payable to businesses operating within those jurisdictions. Concurrent to risk rate rises is the need to regularly review the way in which a business has built its workers compensation policy; all too often we see policies “rolled over” without consideration given to how a business may have evolved especially regarding its primary business activities. Different business activities carry different rates affecting premium not-to-mention how these declarations cover those employees.

The team at Warren Saunders Insurance Brokers have a specialised service available which has the capability to review your Workers Compensation program and ensure the most appropriate form of coverage is in place. With likely premium increases on their way, now is a perfect time to get in touch with us to discuss how our services can assist in this space.

Speak to one of our Workers Compensation Account Managers on (02) 9587 3500.

Data breach incidents on the rise in Australia

Australia is grappling with a significant increase in data breaches, with 1.8 million user accounts compromised during the first quarter of 2024 (Q1 2024), according to cybersecurity firm Surfshark’s report.

The analysis, which focuses on email addresses linked to online services, found that these breaches also involved sensitive data such as passwords and financial information.

It indicated a 388% rise in compromised user accounts compared to the last quarter of 2023. This increase places Australia as the 15th most affected country worldwide, with approximately 140 million accounts compromised since 2004.

Recent data breaches in Australia

In addition to Guardian Childcare, many companies have fallen victim to cyberattacks of late.

Major oil and gas company Shell fell victim to a cybercrime, with a threat actor claiming to have posted 80,000 rows of customer data, affecting individuals across the globe, including Australia.

Meanwhile, a hacker group claimed that it has stolen the personal data of ticket sales giant Ticketmaster’s global customers, with thousands of Australians expected to have been impacted.  

Other companies that reported data breaches in May included electronic prescription provider MediSecuretech firm Iress, and mortgage lender Firstmac.

Find out how to mitigate your risk by speaking with one of our experienced Account Brokers on (02) 9587 3500.

Source: Insurance Business Magazine