Pareto Phone: Donors warned as charity telemarketing firm targeted by heartless hackers

Consumer Protection has issued an urgent warning to some of Western Australia’s most generous people, flagging a suspected increase in scam attempts following a major data breach.

The breach, which targeted a telemarketing firm that has helped raise funds for more than 70 Australian-based charities has left donors vulnerable to scam calls and messages.

The targeted company, Pareto Phone, ran donation requests for charities including the Cancer Council, Fred Hollows Foundation and Canteen.

Consumer Protection Commissioner Trish Blake said the public needed to be extra suspicious of uninvited or surprise calls, text messages or emails.

“If you get a call from someone posing as a credible organisation, hang up and contact that organisation by their published telephone number to confirm any issues,” Ms Blake warned.

“We understand this may be a concerning situation for the kind-hearted people who donate to charities, so now is the time to be extra vigilant.”

The data breach relates to donations made within the last 10 years and includes compromised details of thousands of donors.

“The information reportedly released by hackers on the dark web is understood to include full names, date of birth, addresses, email addresses and phone numbers, which are highly sought after by scammers,” Ms Blake said.

“Don’t click on links in emails and text messages, and just say no if anyone contacts you seeking access to your computer as legitimate organisations do not do this.

“Scammers use personal details to contact you pretending to be from a government agency, your bank or telecommunications provider, and claim to know information like your date of birth in order to gain your trust.

Dealing directly with your chosen charity means they may receive your donation in full and won’t expose your personal or financial details to an additional source.

“To be extra cautious, we recommend changing the passwords on your email accounts and enabling multi-factor authentication where this is available.”

Ms Blake said donors should always ensure they are dealing directly with licensed charities.

“For those wonderful people who donate to charities, we always recommend dealing directly with the licensed charities themselves,” she said.

“Should you be contacted electronically or via telephone, it is a good idea to find out if you are dealing directly with the charity or through a third-party collector who receives a fee for every donation they secure.

“This will allow you to make an informed decision on what fees are being taken from your donation and who you are giving your personal financial data to.

“Dealing directly with your chosen charity means they may receive your donation in full and won’t expose your personal or financial details to an additional source.”

Any West Australian who thinks they are affected by the breach and wants to protect their identity contact the national identity and cyber support service IDCARE on 1800 595 160.