In a world where the threat of fraud is constantly evolving, staying safe online is not just good practice — it’s essential. CDF recently helped identify and stop a fraud attempt on a client account that could have led to the loss of a significant amount of money.
Here’s how it unfolded and what you can learn to protect your own digital security at home and at work. 
The power of human firewalls
This situation, involving a current CDF customer, showcases a recent prevented fraud attempt:
- CDF received a transfer request from a registered client’s email address
- The transfer request involved making a payment to a new account, which the client had not previously transacted to
- CDF staff followed internal processes, requesting additional verification from the client
- When the fraudster couldn't provide further information, the staff member called the client directly
- This phone call revealed the email account had been compromised
In this attempt, it was the human element that added the extra layer of security to an already robust internal process – it demonstrates the importance of proper security procedures when handling transfer requests, especially to new bank accounts.
"Technology like emails can be compromised and used for fraud. Staying proactive, adhering to processes, and maintaining regular training is critical," says CDF Information Security Manager, David Huang.
Practical Tips to Boost Your Security 
CDFs approach to fraud is a combination of systems, processes, and training. Regardless of an organisation size, complexity or industry, there are many practical ways to enhance security in the workplace or at home:
 
1. Verify before you act:
If you receive an e-mail to complete a request, like making a payment, always verify the instruction using a second medium (e.g. phone number that is held on file) to contact the sender and verify the instruction – refrain from using contact details included in the e-mail just in case it is fraudulent.
2. Look for red flags:
When you receive an email, requiring you to take an action, look for the following red flags before responding:
3. Remember that fraudsters try to look legitimate: Fraudsters will replicate e-mails, invoices and even websites to trick people into making payments or entering online credentials. Always pay attention to the sender of an e-mail or the address of a website before responding or entering any information.
4.
Text messages can also be used against you:
Text messages or third-party messaging services like WhatsApp, can also be used to convince people to provide their details. This is usually by creating urgency or enticing people through deals that are too good to be true. Never click on links sent in text messages no matter how convincing the text may be. If you’re concerned about a text you have received, contact the provider on a trusted number available on their website to authenticate the text.
5. Regularly review your accounts: Frequently check bank statements and transaction histories. Early detection is key to stopping fraud before it becomes a bigger issue.
6. Keep systems updated: Software updates often include important security patches. Whether it’s a computer, smartphone, or office network, ensure that all systems are up to date, through trusted providers.
7. Train your team: Keep your team informed of the growing threat of fraud by ensuring they have appropriate training to understand the types of fraud (such as social engineering, smishing, phishing or identify theft) and how to identify potential threats to keep the organisation they work for and themselves safe.
For more information visit the Australian Signals Directorate website to learn about current threats and what you can do to protect yourself.
We’re Here to Help
Fraud is everyone's responsibility. Take the time to review your security practices, regularly educate those around you, and remain alert to red flags. If you come across a potential scam or suspicious activity, report it to Scamwatch or The Australian Cyber Security Centre.
If you believe you’ve been a victim of a scam or are concerned about the security of your accounts, contact the CDF team today.
Share this article:
Related articles
CDPF Limited, a company established by the Australian Catholic Bishops Conference, has indemnified the Catholic Development Fund ABN 15 274 943 760 (the Fund) against any liability arising out of a claim by investors in the Fund. In practice, this means your investment is backed by the assets of the Catholic Archdiocese of Melbourne. The Fund is required by law to make the following disclosure. Investment in the Fund is only intended to attract investors whose primary purpose for making their investment is to support the charitable purposes of the Fund. Investors’ funds will be used to generate a return to the Fund that will be applied to further the charitable works of the Archdiocese of Melbourne and the Dioceses of Sale and Bunbury. The Fund is not prudentially supervised by the Australian Prudential Regulation Authority nor has it been examined or approved by the Australian Securities and Investments Commission (ASIC). An investor in the Fund will not receive the benefit of the financial claims scheme or the depositor protection provisions in the Banking Act 1959 (Cth). The investments that the Fund offers are not subject to the usual protections for investors under the Corporations Act (Cth) or regulation by ASIC. Investors may be unable to get some or all of their money back when the investor expects or at all and investments in the Fund are not comparable to investments with banks, finance companies or fund managers. The Fund’s identification statement may be viewed here or by contacting the Fund. The Fund does not hold an Australian Financial Services Licence.
