According to the ACCC, Australian businesses lost over $7 million to scams in 2018. Small businesses with fewer than 20 staff are far more likely to be targeted by cyber criminals, accounting for over 75% of reports to the ACCC. You need to be cyber aware to protect your small business. Keep reading to find out common scams and how you can protect your small business.
Common scams targeting small business
- Phishing emails – emails that attempt to trick you into giving out personal information such as passwords or credit card numbers
- Malware – tricks you into installing software that will allow the scammer to access your files
- Ransomware – cyber criminals will demand payment to unlock your computer or data they have taken
- False billing – these scams will request that you or your business pay fake invoices for things that you did not order, such as office supplies or domain name renewals
- Business email compromise – a cyber criminal will impersonate a business representative or employee to trick you into transferring money or sensitive information
How to protect your business
The best action you can take to protect your business is to invest in staff education and awareness. Ensure that employees are aware of the scams they might face, the risks involved, and what to do if a potential scammer contacts them. Below are some tips for staff that will help protect your small business.
• Do not click links or open attachments from people or organisations that are from people you do not know
• Be cautious if emails are asking for urgent payment, using fear tactics, or appear too good to be true
• Never send bank details or personal information over the phone or via email
• If a customer or supplier emails you asking to change their delivery or payment details, call them to confirm this change
• Remember that the government or trusted businesses will never ask you to pay via unusual methods such as gift vouchers or bitcoin
• If you receive any messages that seem suspicious, contact the person or company separately to clarify any concerns you may have.
Establish Business Processes
You need to establish consistent business processes for validating payments and sensitive information requests. Staff must follow these processes to ensure that payments are only being made to legitimate people or businesses.
Cyber attacks are on the rise for small businesses, and are becoming increasingly sophisticated and appear more legitimate than ever. If something doesn’t feel right, it probably isn’t. To protect your small business, you need to educate staff to create cyber security awareness and implement processes that limit the sharing of confidential information.