ASIC is warning investors to be on high alert following a significant increase in reports of stolen shares since August 2024 from people who have had their personal identity compromised.

Fraudsters are impersonating individuals and stealing their shares, with many victims unaware their shares have been transferred or sold until they receive a confirmation letter in the mail from a share registry or the Clearing House Electronic Subregister System (CHESS).

Australians previously affected by data breaches should be particularly alert to the increased likelihood of identity theft, given the availability of their personal information online.

Fraudulent activity using stolen identities is increasingly sophisticated, so it’s important to be vigilant and follow through with checks when you receive notifications that are unexpected or do not look right to you.

How does share sale fraud work?

A fraudster claiming to be ‘Jane Citizen’ creates a share trading account to sell shares owned by the real Jane Citizen. The ID used to open the account is stolen or fake, with the security reference number or holder identification number for Jane Citizen’s shares illegally obtained. A bank account may also be fraudulently opened with the name ‘Jane Citizen’ to receive proceeds from the share sale.

ASIC said it was important people know fraudsters can gather personal information not only from information available online but also by stealing mail from letterboxes.

ASIC strongly encourages all investors to be on the lookout for suspicious activity when it comes to their share registry, share trading and bank accounts, and to take steps as soon as something doesn’t look right.

How to be vigilant and act if something looks suspicious

• Review your share portfolios regularly, regardless of whether they are issuer-sponsored holdings registered with share registries or held in share trading accounts with stockbrokers, so you’re quicker to detect unauthorised activity. It is also prudent to regularly review your other investment accounts such as super and managed funds. 
• Use passphrases rather than simple passwords for online accounts.
• Turn on multi-factor authentication, if it’s available, as this can add an extra layer of security to prove your identity.
• Lock your letterbox to prevent mail theft and check it frequently.
• Ensure you have provided your most up to date contact details to your stockbroker, share registries and financial services providers.
• If you receive a new bank card or correspondence that is unexpected, like an update on how your shares are held, the creation of a new account, a notification of sale of your shares or confirmation of a change in contact details, don’t ignore the correspondence.
• If something is unexpected or feels wrong, act quickly. Call your stockbroker, the share registry or bank if there is activity you didn’t authorise and change your passwords.
• Contact the party that sent you the correspondence using the contact details from the organisation’s official website (not the email or letter which may be fraudulent).
• Report any incidents to Scamwatch.
• Contact IDCARE, a free government-funded service, which can help to develop a specific response plan if your identity has been compromised.
• If you’re a victim of fraud, you may also request that credit reporting bodies place a ban period on your consumer credit report, so it can’t be used as part of a credit check.

Where to go for more information

See our Moneysmart website for a range of tips to protect yourself from identity fraud.

You can also find further information on the Government’s IDMatch website.

Australia’s pay system is structured around various elements that govern how employees are compensated. Here’s an overview of the key components:
1. National Employment Standards (NES)
The NES provides a framework of minimum employment conditions for ALL employees in Australia. It includes provisions for:
• Maximum weekly hours
• Leave entitlements
• Public holidays
• Notice of termination and redundancy pay

2. Modern Awards
Modern Awards are legal documents that outline the minimum pay rates and working conditions for specific industries or occupations. They cover:
• Base pay rates
• Allowances
• Overtime rates
• Shift penalties
Any changes to the award rates, payments or any entitlement to the award can be considered a breach.

3. Enterprise Agreements
These are negotiated agreements between employers and employees (or their representatives) that can provide for pay and conditions that are different from those set out in Modern Awards. They must be approved by the Fair Work Commission.

4. Minimum Wage
The Fair Work Commission reviews and sets the national minimum wage annually. As of July 2024, the national minimum wage is around $24.10 per hour or $915.90 per 38-hour week before tax. No employee can be paid less that this rate to perform their role. The only exception are junior employees who must be paid the applicable junior rate.

5. Pay Slips
Employers are required to provide pay slips to employees within one day of their payday. Pay slips must detail:
• Employee’s gross and net pay
• Deductions
• Any allowances
• Hours worked (if applicable)

6. Superannuation
Employers are required to contribute a minimum percentage of an employee’s earnings (currently 11.5% as of July 2024) into a superannuation fund to help employees save for retirement.

7. Deductions
Employers can make deductions from employee pay for various reasons, such as:
• Income tax (withheld according to the individual’s tax bracket)
• Salary sacrifice arrangements (letter from employee required)
Any other deductions require their employees permission, in writing, in order to deduct from the employees pay.

8. Overtime and Penalty Rates
Employees may be entitled to overtime pay for hours worked beyond their regular hours or at times deemed applicable for penalty rates such as weekends, public holidays, starting early or working late at night.

9. Casual Loading
Casual employees usually receive a casual loading (a higher hourly rate) to compensate for the lack of benefits like paid leave and job security. This rate is set by the applicable award but as a general guide is usually around 25%.

10. Reporting and Compliance
Employers must comply with various reporting requirements and ensure they meet their obligations under the Fair Work Act 2009. This includes keeping accurate records of hours worked, pay rates, and leave balances.

Failure to comply with the above requirements may lead to an employer found to be under paying employees or being in breach of the award. Fines, Penalties & back payments over a number of year may be awarded to employees for such breaches.​

Xero’s Invoice Branding feature allows businesses to customize the appearance and structure of their invoices, providing a more professional and personalized touch. Here are some key things you can do with Xero invoice branding:

1. Customize Invoice Layouts

   – You can create multiple invoice branding themes and apply them to different invoices or customers as needed. This includes control over things like where certain details are placed (e.g., logo position, date, customer details, etc.).

2. Add Company Logo & Brand Colours

   – You can easily upload your company logo and adjust the colour scheme to match your brand. This creates a consistent look across all your documents, helping reinforce your brand identity.

3. Personalize Payment Terms & Footer Notes

   – Customize payment terms (e.g., payment due dates or discounts for early payments) and add notes at the bottom of the invoice, such as thank you messages or legal disclaimers.

4. Control Invoice Header & Footer

   – You can modify headers and footers to include additional information, such as business registration numbers, GST details, or bank account information.

5. Add Payment Instructions & Online Payment Links

   – You can include direct payment links (e.g., Stripe or PayPal), making it easier for customers to pay online. This speeds up payment processing and provides clear guidance on payment methods.

6. Include Itemized Details

   – Customize how line items appear, from descriptions to quantity, unit price, and amounts. You can choose how detailed you want the item descriptions to be.

7. Set Specific Branding for Different Customers

   – Different customer types may require different invoicing styles (e.g., retail vs. wholesale). You can assign specific branding themes to different customer groups, tailoring the invoice experience accordingly.

8. Automated Branding Application

   – Xero allows you to set default branding themes based on factors like contact groups, which means certain customers will automatically receive a specific type of invoice branding based on predefined criteria.

9. Apply Branding to Other Documents

   – Besides invoices, the same branding options apply to quotes, credit notes, and purchase orders, ensuring consistency across all customer-facing documents.

You can find detailed instructions on customizing invoice branding here on Xero Central​

Hiring employees for the festive season

As the festive season approaches, employers that hire new employees to help with their business should remember the following when it comes to their employer tax and super obligations:

• Employers should make sure they are withholding the right amount of tax from payments they make to their employees and other payees, especially as this will help their employees meet their end-of-year tax liabilities;
• Employers must pay super guarantee (currently at 11.5%) to all eligible employee’s super funds in full and on time to avoid paying the super guarantee charge; and
• If employers are still not reporting through single touch payroll (‘STP’) and they do not have an approved exemption, deferral or concession in place, they should start reporting now.  If they have just started a business or recently employed staff, they will need to report through STP from their first payday.

Lodging and paying business activity statements (‘BASs’)

The ATO is reminding taxpayers that it is important to lodge BASs and pay in full and on time to avoid penalties and interest charges.

The BAS for the first quarter of 2024/25  is generally due on 28 October, but taxpayers may receive an extra:

• four weeks if they lodge through a registered tax or BAS agent; or
• two weeks if they lodge online.

The cost of managing tax affairs is tax deductible for taxpayers, and a registered agent’s help will allow them to focus on running their business.

Deductions for financial advice fees

The ATO has provided guidance about when an individual not carrying on an investment business may be entitled to a deduction for fees paid for financial advice.

An individual is entitled to a deduction for fees for financial advice to the extent that the loss or outgoing is incurred in gaining or producing assessable income, unless the loss or outgoing is of a capital, private or domestic nature.

Fees for financial advice an individual incurs may also be deductible to the extent that the advice relates to managing their ‘tax affairs’ (e.g., fees for advice in relation to salary sacrifice arrangements).

However, fees for financial advice on a proposed investment prior to the acquisition of an asset, or about how to invest additional funds to grow an investment portfolio, will not be deductible.

The individual must also have sufficient evidence of the expenditure to claim the expense as a deduction, such as a properly itemised invoice.

An Australian woman lost $813,000 in a house purchase scam after failing to notice a subtle difference in a fake email address. Sophisticated cybercriminals imitated her conveyancer’s email by altering a single letter, successfully deceiving the South Australian homebuyer in May last year. The Australian Federal Police (AFP) revealed the funds were diverted due to a business email compromise (BEC), a common phishing attack.

Two days after the transaction, the woman realized the fraud and reported it to both her bank and the police. The AFP-led Joint Policing Cybercrime Coordination Centre (JPC3) worked with state police and financial institutions to trace and freeze the scammer’s bank account, which was tied to a Pakistani national.

Out of the stolen funds, $505,000 was recovered, but $308,000 had already been lost, with $297,000 transferred to a cryptocurrency account. JPC3 was able to trace $272,000 of this amount through Binance and freeze it, though $25,000 had already been withdrawn. Intelligence sharing with Pakistani authorities led to the identification of the scammer as a “money mule” laundering illicit funds.

In March this year, the victim was able to recover another $272,000, bringing the total returned amount to $777,000, or 96% of the original $813,000. AFP Detective Acting Superintendent Darryl Parrish emphasized the importance of thoroughly checking email addresses and bank details to prevent such scams.

Although the victim recovered most of her money, the nearly year-long process had significant emotional and financial effects. The investigation into the criminal network responsible is still ongoing. The Australian Cyber Security Centre (ACSC) reports that BEC scams resulted in almost $80 million in losses from 2022 to 2023, with an average financial loss of $39,000 per incident.

To avoid falling victim to business email compromise (BEC) scams, it’s essential to adopt vigilant cybersecurity practices. Always double-check the email addresses, especially when making large financial transactions, as scammers often create addresses that closely resemble legitimate ones. Verify banking details through a direct phone call to the organization before transferring funds, and avoid sharing sensitive information over email. Using multi-factor authentication (MFA) for email accounts and implementing email filtering systems can also help detect and prevent fraudulent messages. Additionally, regularly educating employees and individuals on recognizing phishing attempts and BEC tactics can further reduce the risk of becoming a target.

If you need further advice about what you can do to avoid these types of scams, please read our other blogs talking about phishing, 2 factor authentication or give us a call on (03)58333000 and talk to our IT manager Raj about your concerns.

Please note – This information was taken from an article from Nine News Australia. To see the full article please visit – https://www.9news.com.au/national/south-australian-woman-scammed-out-of-800k-during-house-sale-cybercrime/f815d8c8-c337-43ba-8d31-e5b34b1f5c74