Recent media reports have revealed a significant rise in cybercrimes in Australia with an online attack occurring every six minutes. Businesses are particularly at risk with basic technologies such as email providing a gateway for scammers to trick employees into handing over money or giving away company information.
In this article, we remind business owners of the need to be vigilant to avoid getting caught up in fraudulent activities, including payment redirection scams, that are costing Australian’s millions.
The report by Australian Signals Directorate shared a number of extremely concerning findings among them the more common attacks on business came via compromised emails which is otherwise known as remote access scamming.
According to security software company McAfee, cloned voice technology is also on the rise. It says a recent global survey revealed 70% of people admitted they had difficulty differentiating between a real voice and one that had been cloned.
Voice cloning isn’t new. A couple of years ago Forbes reported on a Japanese company that lost a whopping $35M thanks to cloned voice technology. The gist of it was a finance executive received a call from a source that sounded enough like the firm’s senior director to trick him into actioning the bogus request.
Meanwhile, and closer to home the ACCC’s latest Scamwatch report (April 2023) says Australian’s lost a record $3.1 billion to scams in 2022.
Investment scams where the highest loss category, followed by remote access scams and payment redirection scams.
Losses in 2022 for Small and Micro businesses were reported at $13.7 billion in 2022, which was a nearly double (95%) increase on the prior year. Most of these scams were payment redirection scams.
The advice for avoiding falling victim to scams from the ACCC seems pretty weak as they propose a Stop, Think and Protect approach.
For businesses, particularly those in financial services, promoting a zero-trust mindset and actively encouraging their teams to be suspicious along with strengthening security protocols are among the more proactive approaches. Up to date antivirus and anti-malware software, firewalls and other security measures should be mandatory in the workplace, which may also need to be a condition of working from home as part of flexible workplace arrangements.
With so much at stake, business owners must continue to educate themselves and their teams about scams that are continually evolving and implement clear guidance and steps for dealing with them. Regular or surprise audits will also help create a culture of accountability and transparency.
And a reminder to business owners, particularly those under pressure and working long hours to cover staff shortages who can be guilty of taking security shortcuts.
If you find yourself doing this, pull yourself up and take a moment to consider the consequences of not just the financial loss, but the enormity of disruption that could mean you and your business suffers a significant setback or never recovering.
At risk of stating the obvious, here are some cybersafe tips that might provide a timely reminder as we head into the busy end of year trading season:
Be suspicious of unsolicited emails, texts and phone calls and fiercely protect your personal information.
Avoid easy to remember passwords and use a secure password manager to store them.
Keep your devices up to date, and make sure you install security updates when notified.
And know what scams are circulating, so you can identify them quickly and the steps you need to take if you get caught up in them.
For business, tax and SMSF advice, please contact our office on (07) 5438 8088 or email mail@corebusiness.com.au
Core Business Accountants specialise in business advice for growing and mature family-owned and small and medium-sized businesses.