This Scams Awareness Week, MYOB says small businesses should stay vigilant

Scams Awareness Week, taking place 8-12 November, provides a timely reminder for small business owners to assess their security and be aware of the top scams to watch out for, according to MYOB.

According to their latest report, over the last financial year the Australian Cyber Security Centre (ACSC) received over 67,500 cybercrime reports, an increase of nearly 13 per cent from the previous financial year. Cybercrime refers to criminal activity using computers and the internet to attempt to expose, or gain unauthorised access, to a computer system.

ACSC received a report of a cyber attack every 8 minutes in the financial year 2020-21, increased from one every 10 minutes in the previous year. Furthermore, more of these incidents were categorised as ‘substantial’ in impact.^[1]

MYOB's Head of Information and Cyber Security, Peter Wolski, says across the board customers have felt the impact of the rise in scams targeting small businesses and they are rightly concerned.

“The two types of scams we have seen on the rise, and concerning for any small business owner, are business email compromise and ransomware scams. All businesses can be targeted, but particularly those where money moves around in large quantities can be attractive to criminals.”

The business email compromise scam is when someone sends an invoice posing as a supplier, with different payment details. If a business owner doesn’t check and pays into a new account, they could transfer money directly to those who have stolen the vendor’s identity.

The last 12 months have also seen ransomware scams increase, where a computer system or email is hacked. The scammer encrypts data and extorts the small business for money.

“Like all criminals they know their targets and how much money to ask for. Once they hack into your systems they have so much information on you that they will change the amount of money they are asking for to suit the business and their balance sheet,” Mr Wolski said.

Latest data from Scamwatch shows:

• Threats and extortion scams, which include malware and ransomware, have seen a loss of more than $10 million this year, with more than $3 million lost in the month of June alone.
• There have been more than 30,000 reports of threats and extortion scams this year, with the highest number of malware and ransomware scams reported in August and September.
• There have been more than 13,000 reports of hacking this year.

Tips to stop the scammers:

1. Turn on multi-factor authentication for your business. This protection will stop a wide variety of scams. Your email shouldn’t be your second factor, it should be your phone or an authentication app such as from Google or Microsoft. Your email provider and key business software products should have this setting available and all you need to do is click a button to turn it on.
2. Keep your systems updated. It’s important to know what you will and won’t update automatically. Where possible turn on automatic updates, so you’re protected as new security updates are released. Cloud providers will update back end systems on your behalf to keep your information secure.
3. Set up protection on your email. Office 365 and Google Workspace both offer this service. This will help filter out harmful emails and alert when a message comes from an unknown email address, giving you the chance to double check the validity of the email.
4. Look out for changes in payment details and validate and verify them with a phone call to your supplier.
5. Any systems that are critical to your business should be backed up. Having an offline or cloud backup is a secure way to have information on hand should you ever find yourself locked out of your computer.

“We know small business owners are time poor, however security is as critical for businesses as insurance. The most important measure is multi-factor authentication on business and personal accounts, your email provider will have this option in their settings and it’s as easy as clicking a button,” Mr Wolski said.

“Also stay across the scams that are prevalent, like the change in bank details for a supplier. If you get a request for a change like this, take the time to call the supplier. That phone call can save you thousands of dollars.”

- Ends -

About MYOB:

MYOB is a leading business platform with a purpose of helping more businesses in Australia and New Zealand start, survive and succeed. MYOB delivers end-to-end business management tools and accounting solutions for SMEs and the mid-market, direct to businesses, as well as a network of accountants, bookkeepers and consultants. MYOB operates across four key segments: Small and Medium Enterprises (SME), Enterprise, Financial Services and Practice. For more information visit myob.com or follow @MYOB on Twitter.

^[1] ASCS Annual Cyber Threat Report 2020-21