ASIC is urging businesses to be wary of payment redirection scams after the ACCC revealed micro and small businesses had been affected by them the most in the last year.
The commission said that payment redirection scammers have a number of ways of implementing their scams, in some cases they hack into a legitimate email account and pose as the business by intercepting actual invoices and amending bank details.
While in other instances scammers impersonate people by using a registered email address that is very similar to one from a legitimate business.
The increase and costly result of scams has led to ASIC re-emphasising steps businesses can take to protect themselves.
The four steps that ASIC provided were, to understand your duties, take action, aim for continuous improvement and remain vigilant.
Step One
Within step one, to understand your duties, ASIC said that company directors and business owners need to recognise the cyber-security risk and how to best protect the business, to assist with this ASIC had published a list of cyber-risk governance questions to be considered.
Step Two
Step two was to take action, this step is for heads of companies to ensure vigorous cyber-security resilience strategies are in place to protect against threats and scams, said ASIC.
Step Three
Under step three ASIC said that implementing cyber security was not a set-and-forget job but required constant revision and improvement to be able to stay ahead of constantly evolving threats.
Step Four
The final step, to remain vigilant, ASIC said that businesses needed to constantly be assessing new ways individuals are trying to scam them.
For a business that has been scammed ASIC said it needed to stop sending money to the company, contact its bank, be wary of follow-up scams posing as offers to recoup lost funds and report the scam to Scamwatch.
ASIC said that if your business has been scammed in relation to a financial product or service it needs to lodge a report of misconduct to ASIC, report it to the bank and consider reporting the matter to police.
Source: Accountants Daily