Invoice Payment Fraud


The ADF wishes to remind all customers to beware of invoice email scams as they can result in potentially large losses if not detected.
 

This scam involves scammers pretending to be legitimate suppliers advising changes to payment arrangements or bank account details held on file. The scammer will send an email which is disguised to appear almost identical to the legitimate suppliers’ email advising updated account information and potentially requesting payment.

How the scam works
This is quite a sophisticated scam where the scammers work very hard to make you believe the account details and payment requests are legitimate.

  •  Scammers hack into/intercept supplier email accounts and obtain information including customer lists, bank details and previous invoices.
  • An email is then sent to you which appears as though it is from a known supplier requesting a change to the usual payment details and may also include a request for payment.
  • The scammers either disguise the email address they are sending the email from or they have created a new address that appears almost identical to the legitimate one, this is called ‘spoofing’.  Spoofed emails can be quite difficult to detect.  For example the legitimate address is bob.smith@abctrading.com.au and the spoofed address could be bob.smith@abctrading.com or bob.smith@acbtrading.com.au
  • The scam email will often contain a copy of the suppliers logo, use the same message format and style and in some cases may even include an attachment on company letterhead which they obtained as part of their hack.  It may even contain links to websites that are convincing fakes of the suppliers real website.

How to protect against invoice fraud
There are a number of steps that your business can take to protect yourself from scams of this nature and ensure that you don’t lose any funds.

  • Educate your employees on this type of fraud, ways to detect potentially fraudulent emails and invoices as well as what to do if they receive one
  • Double check email addresses, if you look closely you should be able to spot a fake.
  • If you think an email you have received is suspicious, DO NOT reply.  You should call the company on contact details that you already have on file or ones you have found in the phone directory, not the ones provided in the email.
  • Have a clearly defined process for verifying all payment accounts and invoices which tracks goods/services received and reconcile this to invoices.
  • If the account details provided on the invoice or payment request are different from those used previously, call the company on a number you have saved or find via Google to confirm. Never rely on an email or new invoice with updated account details, always speak to someone to confirm.

Additional information on this scam and how to protect your accounts can be found at https://www.scamwatch.gov.au/news/invoice-email-scam-now-targeting-australian-businesses


If you are concerned that you may have been a victim of this or any other scam, please contact the ADF immediately.

Office Closure 25th April

Please note that the ADF will be closed on Monday 25th April for the gazetted Anzac Day public holiday. ADF Online will still be available, however transactions loaded on Monday 25th will be processed and released on Tuesday 26th April.

They shall grow not old, as we that are left grow old:
Age shall not weary them, nor the years condemn;
At the going down of the sun, and in the morning,
We will remember them.

Lest we Forget.

ADF Services – 3-Day Lockdown

The ADF would like to Advise that there will be minimal to no disruption to our services as a result of the 3-day lockdown, commencing 29th June 2021 at 6pm.

We have a number of measures in place internally and with our suppliers to ensure continuous delivery of all ADF services including but not limited to:

  • Inward and outward transaction processing;
  • Accessing and making payments through ADF online;
  • Direct Debits;
  • Processing of files received through ShareFile; and
  • Handling of all calls and emails to ADF

Please contact you Relationship Manager or the ADF if you would like any additional information.

We hope that all of our customers remain safe and we that you for your support.

System Upgrade – Important ADF Online Changes

The ADF performed an upgrade to our core transaction processing software including ADF Online last Friday, 21st May 2021. Overall, the upgrade has been a success, allowing us to improve our internal platform, remove outdated system modifications as well as introduce stronger security protocols and additional functionality through ADF Online. However, as with any system change of this magnitude, we have encountered some issues which have been forwarded through to our vendors for rectification. We wish to thank all the ADF Online users who made contact with us yesterday to notify us of these issues or changes that they encountered which have been forwarded through to our vendors for rectification and we apologise for any inconvenience these have caused.
 
Identified Issues
 
Below is the details on the issues that we have identified since the upgrade.

  • Current Issues
    • Some accounts, in particular loans unable to be viewed by full authorisers. This requires a manual correction which the team are working through, we expect this to be completed by 30th June, however if you require urgent access to your loan accounts, please advise your Relationship Manager.
    • Missing account name details in the Direct Debit Address Book for data users and full signatory. This is currently being investigated by our vendor. This is not impacting the direct debits going out or how they appear in the account when they are processed, simply how they display in the Address Book.
  • Rectified Issues
    • The ADF were unable to set up new signatories and establish their access to accounts. This was rectified Tuesday morning.
    • Some data users were experiencing a ‘system error’ when they were attempting to log in. We put a work around in place while this was being investigated and we received confirmation from our vendor that this issue was rectified late Monday afternoon.

ADF Online Changes

To provide you with a more stable, secure platform and enable the delivery of the additional functionality (now and into future), the following changes have been made to ADF Online.

  • All transactions, whether to external accounts or other accounts held at the ADF now require two signatories to authorise all payments. This is an increased security protocol for transfers to other ADF accounts.
  • Batch payments and single transfers need to have sufficient funds in the account before they will be able to be processed in ADF Online.
  • The account number that is to be used for all electronic deposits made to your accounts is now shown in the Account List which can be found under the Payments tab. It can also be found under the Services tab, BSB and Account Information. Please ensure you are no longer providing the old account numbers and only provide this one from now on.
  • If you are processing payments to the ADF BSB (064-786) either as a single transfer or within an uploaded creditor batch, you must use the electronic account number of that account. ADF Online performs a validation on all transactions using our BSB to ensure the account is valid. It will not accept the old account number format. If you have the old account number format for any entity you are attempting to pay, you will need to contact them and obtain the new electronic account number.
  • Changes to transaction CSV download format with an additional column for the effective date of the transactions.
  • Changes to inward Bpay credit payment narrations with an additional reference field of ‘payment’ now appearing.
  • The ability to upload Bpay payment files. If your accounting system has the capability to generate Bpay creditor payment files, these can now be uploaded and processed through ADF Online the same way you import normal creditor batches.

Security Enhancements

 There are some enhancements we have made to accounts and transaction processing to increase the protection and audit controls on your accounts.

All transactions are now two to authorise, irrespective of where the transfer is being paid to. This is to ensure proper security controls are in place for all transactions as well as provide an additional layer of protection in the event that log in details are compromised.

  • In the coming weeks we will be introducing the ability for you to initiate a password reset from the ADF Online login page if you have forgotten your password. Additional details on this will be provided when this functionality is ready for use.
  • Towards the end of the year we will also be introducing SMS One Time Passwords as a second layer of authentication that is required to initiate transactions through ADF Online. We will provide updates on this functionality as we approve the go live dates (yet to be determined).

The ADF would like to thank all of customers for your support throughout this upgrade process.
Please don’t hesitate to contact the ADF on adfmail@bne.catholic.net.au or 07 3324 3777 if you have any questions in regards to the system upgrade or experience any issues with the new ADF Online link or system.

Password Security

To ensure your ADF Online log in details remain as secure as possible, the ADF recommends that you:

  • Never instruct your computer to save your ADF Online password
  • Never record your password anywhere either in writing or online
  • Never share your login name or password

If you feel your details have been compromised, please contact the ADF immediately.

New Margins to Promote Mission and Meet the Times – Interest Rate Review – Effective 1 April 2021

The ADF has taken steps to strengthen its capacity to support you in the mission that connects us.

Challenging times demand responses which has prompted the ADF Board to review and apply new interest settings.

New rates, effective 1 April 2021 on both investments and loans, refer below:

Standard Variable Loan Rate:-                  3.25% 

Standard Investment Rates:-

            Up to $499,999                                   0.25%

            $500,000 to $1,999,999                     0.45%

Over $2,000,000 0.60%

Password Security

To ensure your ADF Online log in details remain as secure as possible, the ADF recommends that you:

  • Never instruct your computer to save your ADF Online password
  • Never record your password anywhere either in writing or online
  • Never share your login name or password

If you feel your details have been compromised, please contact the ADF immediately.

Christmas Business Hours

The ADF will be operating as normal throughout the Christmas and New Year holiday period with the exception of the gazetted public holidays. Any customers pre-loading files or transactions for the holiday period should ensure that they have sufficient funds in their account to cover the total amount of transactions to be processed.

 If you require a temporary daily limit increase to allow for your files to be processed, please complete the form found under the Resources & Forms tab and email to adfmail@bne.catholic.net.au.

 We would like to wish all of our customers a safe and happy Christmas.