Articles

August 30, 2022

Beware of Payment Redirection Scams

ASIC is urging businesses to be wary of payment redirection scams after the ACCC revealed micro and small businesses had been affected by them the most in the last year.

A microbusiness is defined as those with zero to four staff and small business as only having five to 19 staff. Payment redirection scams involve defrauders impersonating a business or its employees via email and requesting an upcoming payment be redirected to a fraudulent account.

The commission said that payment redirection scammers have a number of ways of implementing their scams, in some cases they hack into a legitimate email account and pose as the business by intercepting actual invoices and amending bank details.

While in other instances scammers impersonate people by using a registered email address that is very similar to one from a legitimate business.

The increase and costly result of scams has led to ASIC re-emphasising steps businesses can take to protect themselves.

The four steps that ASIC provided were, to understand your duties, take action, aim for continuous improvement and remain vigilant.

Step One

Within step one, to understand your duties, ASIC said that company directors and business owners need to recognise the cyber-security risk and how to best protect the business, to assist with this ASIC had published a list of cyber-risk governance questions to be considered.

Step Two

Step two was to take action, this step is for heads of companies to ensure vigorous cyber-security resilience strategies are in place to protect against threats and scams, said ASIC.

Step Three

Under step three ASIC said that implementing cyber security was not a set-and-forget job but required constant revision and improvement to be able to stay ahead of constantly evolving threats.

Step Four

The final step, to remain vigilant, ASIC said that businesses needed to constantly be assessing new ways individuals are trying to scam them.

For a business that has been scammed ASIC said it needed to stop sending money to the company, contact its bank, be wary of follow-up scams posing as offers to recoup lost funds and report the scam to Scamwatch.

ASIC said that if your business has been scammed in relation to a financial product or service it needs to lodge a report of misconduct to ASIC, report it to the bank and consider reporting the matter to police.

Source: Accountants Daily

Our Testimonials

What People Say

Tactical

Partnerships

Please contact us for more information and find out how we can help you feel good about your future.