Aussie businesses have lost $2.8 million to email scams in 2018
The Australian Competition and Consumer Commission has revealed a surge in the number of scams involving fake emails from businesses.
The watchdog’s Scamwatch division is urging businesses to be on alert for such scams after reports grew by a third over the year – totalling $2.8 million in lost funds, with an average loss of nearly $30,000.
Business email compromise scams occur when a hacker gains access to a business’s email account, or creates a facsimile, and sends emails to customers requesting that further payments be made to a new account, which allows the hacker to retrieve the money paid.
Alternatively, there have been reports of hackers sending an internal email to a business’s accounts team asking for funds to be transferred to a separate account, sometimes posing as the chief executive.
“This is a very sophisticated scam, which is why many businesses only realise they’ve been caught out once it’s too late,” ACCC deputy chair Delia Rickard said.
“There is a misconception these scams target just small business, however the largest amount of reports and losses came from medium-sized businesses, including one that lost more than $300,000.”
According to Rickard, effective management procedures are a key method of preventing these scams, ensuring that staff know how to deal with such an email when it appears in an inbox and by prioritising a multi-person approval process for transactions over a certain amount.
This story originally appeared on sister-site Inside Retail Australia.