A Melbourne-based professor has warned that hardware and software used for tax fraud is likely in secret use by Australian businesses.
The technologies, known as zappers or phantomware, can help a business remove sales from their tax records.
Zappers are physical devices used to prevent sales transactions from appearing on a business' records.
Phantomware is a class of software that creates virtual sales terminals. It can be used for legitimate staff training, but is also used to keep sales transactions off the books.
In the United States, zappers in the restaurant industry recently collected US$20 million in fraudulent sales allegedly sent to Hezbollah, Lebanon. Another was used to scam $US16 million.
The Organisation of Economic Cooperation and Development issued a special report last month in which it said such technology allowed businesses to mask their scams.
"The new technology allows the business owner to perform the electronic sales suppression at a convenient time, usually at the end of the business day ... everything is fully computerised and available to the business owner using relatively simple methods to access the suppression software, for example with a swipe-card or a hidden button on the screen to activate a special menu."
In Sweden, a documentary team went undercover to reveal the use of the technology for the film Nattens Konger. It busted 100 companies using the kit.
It is also prevalent in Norway where the Hospitality Association estimated between 10 to 20 percent of sales in the restaurant industry were fraudulent.
In Slovenia, the Tax Authority sent inspectors to restaurants to secretly photograph receipts. The photos were then matched against register records to reveal the use of zappers and phantomware.
There were no known accounts of Australian businesses using the technology to manipulate sales records. But zappers are "nearly impossible to detect" when properly installed, according to Boston University law Professor Richard Ainsworth, a veteran in the field.
Professor Ainsworth wrote that zappers were often placed on Point of Sale servers, while phantomware was often in stand-alone electronic cash registers.
Deakin University Professor Louis de Koker said it was likely in use in Australia, noting the technology was sold bundled with sales terminals.
"It's a perk thrown in to make the purchase of the machine more attractive," Professor de Koker said.
"Some are not only marketing the software, they also provide service and even updating (patching) for the programs."
One such zapper, simsim.exe, was sold with the WinREST terminal and could be freely downloaded from the internet.
The technology could be also used to scam franchisors out of royalties, to inflate records to rip off potential business buyers, and even for money laundering.
Business using the technology are careful to skim only a small threshold of sales to stay under fraud profiling efforts by tax offices, according to de Koker.
He said elements of record-keeping in the US, Canada and Europe were more rigorous than Australia, making it more difficult to use zappers and phantomware.
He said Australia should "seriously consider appropriate preventative measures".
A detailed blog on the use of zappers and how to identify them is online.
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
_page-0001.jpg&w=100&c=1&s=0)
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
