The Goliath and Goliath entertainment agency recently lost R300,000 in an email scam, while its subsidiary PR Bailiff lost R20,000.
According to reports, the scammers intercepted emails from Goliath and Goliath, changed invoice banking details, and then forwarded the emails to clients.
The clients then paid the invoiced amounts, ranging between R60,000 and R130,000, into the scammer’s accounts.
Goliath and Goliath CEO Kate Goliath learned about the scam when a client alerted them that the bank details on their invoice had changed.
Goliath told Fin24 the scammers harassed their clients for payment after they sent the fake emails.
Goliath told Jacaranda FM they were “hacked” a few weeks ago.
“Our service provider said it is phishing and not their fault, but we believe there could be something more going on,” she said.
“We have started more investigations and we are meeting with people who have reached out to us who have had the same experience.”
How they lost R300,000
MyBroadband spoke to an industry expert, who asked to remain anonymous, about the scam to gain insight into how it happened.
He told MyBroadband that an employee at Goliath and Goliath was most likely a victim of a phishing scam, where the criminals gained unauthorised access to their mailbox.
The scam – known as a “change of bank account” scam – prompts the business partners of the victim to pay money into a bank account owned by the scammers.
This is done by tracing invoices which the victim sent to clients, and issuing revised invoices with the amended banking details.
The scammers then delete the emails which they sent with the new invoices to ensure their activities are not noticed.
The image below shows a warning from Investec about the change of bank account scam.