MORE than two months’ wages have been siphoned from a tiny Aboriginal corporation representing the Traditional Owners of Laura in a slick online scam.
Ang-Gnarra Aboriginal Corporation had almost $40,000 stolen by scammers, believed to be based in Zambia, just weeks after health organisation Apunipima Cape York Health Council was hit by hackers who may have accessed confidential patient files.
“It’s hit our business hard, losing that amount of money,” said Ang-Gnarra chief executive officer August Stevens.
“We’re praying that we can get the money back, but I really don’t have much hope.
“I’m thinking Apunipima got hit, I’m a patient, and then we got hit. I don’t know if there’s a correlation, but it’s a big coincidence.”
Mr Stevens said doing business online was the small organisation’s downfall, with their standard practice of invoices emailed to and paid by the accountant providing an easy in for the scammers.
“When we buy machinery, I get our directors to sign off on it and then we send that authority to pay to our accountant via email,” he said.
“That’s how (the scammers) did it, they came across that document and changed the date, amount to pay and bank details and sent it directly to the account, but it appeared to come from me.”
The loss was discovered the following day when Mr Stevens rang the accountants.
“They said we’ve paid the machinery invoice and I said ‘Oh my God, we’ve been scammed’,” he said.
The $38,400 loss was immediately reported to the authorities, the bank, and the insurance company, but the policy didn’t cover the missing money.
“It’s been a big wake-up call,” Mr Stevens said.
“We got complacent, but we’ve learnt from this and made a lot of changes.
“I’d really like to warn other small businesses and even councils that this can happen.
“We’re not even on the world map and we got hit.”
Mr Stevens said investigators found Ang-Gnarra’s emails were being tapped by an entity in Zambia, with foreign eyes accessing everything sent to or from the Laura-based organisation.
“We don’t know how long they had been there, sitting in the background monitoring our emails,” he said.
“We’re just a little drop in the ocean when it comes to scamming, but that’s about two months’ wages for us and it leaves a big hole.”
Meanwhile, Apunipima has still not provided an update since it was a victim of a major security breach, leaving patients around the Cape in the dark.