Don’t get caught out by this business email scam
Business Email Compromise (BEC) scams are on the rise in Australia and businesses need to be especially alert to the dangers.
BEC is a fraud technique used by scammers to redirect invoice payments to a fraudulent bank account. Typically, scammers will intercept business emails that contain invoices and then contact the payer to advise them of a change in business bank details. The victim will then unsuspectingly transfer funds to the scammer and will not realise until the business enquires about the overdue invoice.
According to the Australian Federal Police the impact of BEC scams in Australia has resulted in financial losses of more than $79 million in the past 12 months.
To protect yourself against BEC scams, you can do the following:
- Use multi-factor authentication and strong passwords on your business email accounts
- Double check the email address of any emails you receive about a change of company bank details – paying special attention to the spelling of the email domain. This includes internal emails from colleagues
- Consider adding this statement to end of invoices and emails issued by your business:
“If you receive correspondence from us advising that we have changed our banking details for EFT payments DO NOT TAKE ANY ACTION until you have confirmed the authenticity of the correspondence. THIS COULD BE A SCAM known as Business Email compromise (BEC). Please contact us via the phone number on our website and not the phone number on the correspondence to confirm.”
Further information on how to protect yourself and your business from BEC can be found at cyber.gov.au and the ACSC.