The ACCC’s Scamwatch is warning businesses about business email compromise (BEC) scams.
This year, reports to Scamwatch about these scams have grown by a third, with businesses reporting losses totalling $2.8 million – accounting for 63 per cent of all business losses reported to Scamwatch.
What are BEC scams?
These emails look legitimate as they come from one of the business’s official email accounts. Customers then start making payments into the hacker’s account.
In other variations of the scam, the hacker will send an email internally to a business’s accounts team, pretending to be the CEO, asking for funds to be urgently transferred to an off-shore account.
Hackers may also request salary or rental payments be directed to a new account.
Protect your small business
Consider a multi-person approval process for transactions over a certain dollar threshold.
Check directly with your supplier if you notice a change in account details – don’t just rely on return email, instead find older communications to ensure you have the right contact details or otherwise independently source them.
Keep your IT security up-to-date with anti-virus and anti-spyware software and a good firewall.
If you fall victim to BEC scams, contact your financial institution immediately and consider professional IT advice to ensure your email systems and data are secure from hackers.