What Scam? 
Scamwatch is calling on businesses to urgently review how they verify and pay accounts and invoices as reports of business email compromise (BEC) scams to Scamwatch have grown by a third this year.

Hackers gain access to a business’s email accounts, or ‘spoof’ a business’s email so their emails appear to come from the company. The hacker then sends emails to customers claiming that the business’s banking details have changed and that future invoices should be paid to a new account.

These emails look legitimate as they appear to come from a business’s official email account. Payments then start to flow into the hacker’s account.

Who is at Risk?
This scam targets all kinds of businesses, including charities and local sporting clubs. Big, Medium and Small business are all at risk.

How Do We Avoid Them?

  1. Check directly with your supplier if account details change
  2. Effective management procedures
  3. Pay attention to current IT news and alerts
  4. Multi-person approval processes for transactions
  5. Keep IT security up to date
  6. Do not reply to emails if you believe they are a scam

What To Do Once Scammed?
Businesses affected by scams should contact their financial institution immediately and consider professional IT advice to ensure their email systems and data are secure.

If you suspect a scam or are a victim of a scam please contact Scamwatch immediately. Information directly from Scamwatch.

If you are worried about your business, your IT security or safety procedures please contact our expert team today on (04) 4474 2477