THE Yangebup Progress Association say they are heartbroken and their Christmas spirit is crushed after they fell victim to a sophisticated internet scam which robbed them of more than $6000.
The not-for-profit residents group’s email account was hacked and scammers altered the EFT details on numerous supplier invoices for their Carols by Candlelight event.
Upon investigation, it was discovered the scammers had set up a rule to forward emails with certain words or from certain suppliers to their own email address and file the originals in a random folder.
After initially estimating the loss to be around the $5000 mark, association spokeswoman Chontelle Stone said they now believed they were just over $6500 out of pocket.
“Our secretary can’t even function right now. She’s just so devastated this has happened; she’s in shock,” she said.
“We’ve got suppliers chasing us for funds and we don’t have money to pay them.”
Ms Stone said they had contacted the police and their bank, but the prospect of them recovering the money was unlikely.
She said they had reported the incident to cyber security organisations such as ACORN and ScamNet, who were stunned by the level of sophistication the scammers had gone to.
“This has been planned by someone who knew when we were having the event, when we’d have money, and knew when we’d be invoiced.
“The smaller invoices haven’t been targeted at all, like the ones for our Welcome to Country, face painting and bouncy castle, but the larger ones for our security, stage, sound and lighting towers were all targeted.”
The group have started a fundraising page in an attempt to recoup their losses, but Ms Stone said they would likely have to cancel a number of events planned for the summer.
“We can’t put our movie night on in January because we don’t have the money.
“This is going to take a while for us to recover financially, we’re now going to have to go back to Bunnings and get as many sausage sizzles as we can and work to replace this money.”
Ms Stone warned similar groups to be vigilant and double check their suppliers’ financial details before sending money off.
“The only way we’ve been able to find out which invoices were changed was to ring every single supplier and double check those invoice details,” she said.
“We need other community groups to know that we’ve been targeted, which means they could to.”