Half asleep on a Monday morning, you click on an email sent from a colleague – without stopping to wonder why they would be charging an invoice to you.
You realise it’s malicious spam when your email inbox becomes paralysed and the same email has been sent by your account to everyone in your contact list – offering the opportunity for others to do the same as you.
Once inside your email system, hackers can then start harvesting valuable information, such as usernames, passwords and any account details.
Welcome to the world of scams.
They come in all shapes and sizes these days and are becoming more brazen and less obvious.
A woman with an Australian accent rings, purporting to be from your bank. It’s a “courtesy call”, she says, and leaves a message for you to call a 1300 number. When you do, the recorded message sounds like the same person who does the voice recordings for your bank. But you can’t action any options until you’ve keyed in your access number and PIN.
The Australian Competition and Consumer Commission’s latest Targeting Scams Report reveals that Australian businesses reported losing nearly $4.7 million to scammers last year – a 23 per cent increase on 2016.
Businesses that fell victim lost an average of about $11,000, while small businesses accounted for nearly $3m of the total losses.
The ACCC says small businesses with fewer than 20 staff tend to be the most likely targeted and accounted for more than 50 per cent of reports it received.
Employment and investment scams caused the most losses.
“We’ve seen a worrying and dramatic jump in losses reported to us about these two scams,” says ACCC Deputy Chair Dr Michael Shaper.
“False billing scams are where a scammer tries to trick a business into paying fake invoices for directory listings, advertising, domain name renewals or office supplies. The scammers are very aggressive and persistent in demanding payment.”
Some of the most common scams targeting businesses include:
- false payments
- false billings
- fake directories and advertising
- domain name renewal
- payment redirection
- malware and ransomware and
- phishing.
“It’s vital Australian businesses are aware that scammers are actively out there targeting them and to ensure they have strong processes in place to avoid becoming victims,” Schaper says.
How can businesses protect themselves?
You can help protect your business by taking steps to:
- keep your filing and accounting systems well organised, making it easier to detect bogus accounts and invoices
- double check every request for payment
- update your security software, change passwords and back up your data regularly
- consider what business information you post on social media and networking sites, as scammers use publicly available information to target businesses.
The ACCC has published The Little Black Book of Scams which outlines the best protection methods and details the different tools used by scammers.
It says the best protection is through awareness and education.
“If a government authority or trusted company is telling you to pay up, stop, think and double-check,” the guide advises.
“If the scam is sent by email, it is likely to include an attachment or link to a fake website where you will be asked to download proof of the ‘bill’, ‘fine’ or ‘delivery details’. Opening the attachment or downloading the file will result in infecting your computer with malware.”
►You can read the ACCC’s Business Scams Factsheet here or report a scam here. More information is available from the Department of Mines, Industry Regulation and Safety