This scam is bothering many people now, so I thought I better warn you.
A scammer knew an employee's email account details. He monitored the account. Then using this email account, a hefty invoice was sent out to a client. The scammer then sent the invoice out again with an altered bank account.
In this case, $400,000 went missing.
There was also a failed attempt at $350,000 here. It was lucky that immediately before the transfer to a supplier nominated bank account, a staff member looked at their deleted email file. Then they saw the real client invoice with different bank account details and started to ask questions.
Currently, I have been told that in Australia, there is no case law on liability here. One of the big problems here is that neither side has benefited from the fraud. None has the money. Both sides are seen as negligent. The seller for not having enough security on their email account and the buyer for not checking the bank details. This means that the chances of returning the funds could be limited.
Yet, it does show that you need to track security on your email accounts and check bank details thoroughly before sending money.
If you want to know more, checkout scam watch here.