Small-business owners struggling to remain open due to the pandemic-induced downturn are being warned that they are particularly vulnerable to increasing and more sophisticated cyber-attacks.
According to Lucas Meadowcroft, co-founder of IT solutions company CROFTI, Scamwatch had received a massive 55 per cent increase in reports of cyber-attacks up to August last year, compared to the previous 12-month period. This has put Australia in sixth place for the most hacked country in the world.
“We are still seeing the same type of scams that were developed years ago, but also new ones that suit the current business climate,” Meadowcroft said. “For example, a new scam that has started doing the rounds relates to the COVID-19 vaccine, purporting to be from an official organisation and requesting the client’s personal details so that they may register for the ‘compulsory shot’ to resume their employment.”
Meadowcroft also noted another popular scam that is offering business owners and sole operators business loans. With JobKeeper payments finishing this month, he warned that business owners and employees are more prone to cyber-attacks because they are concerned about their future and are looking for solutions.
Meadowcroft pointed out that such scams leave small-business owners at risk of having their identity stolen through criminals retrieving passwords to access bank accounts and access confidential data, and then being heldf to ransom.
“If you feel you have been scammed, immediately go online and change all of your passwords,” Meadowcroft urged. “Email, data storage, banking, online shopping, any website you have ever accessed. It’s time-consuming, but even if the scam happened a week or month ago, it’s worth doing.”
Meadowcroft advised that business owners should ensure they implement security upgrades and empower their people.
“Your staff are your last line of defence. They need to know what to look for, and how to check for and report issues,” Meadowcraft said, sharing his tips on spotting cam emails:
Relax, take your time to read the email carefully – it’s often when someone responds to email instructions in a hurry that they will get caught out.
Does the format of the email look strange? Does the email address it came from match the organisation in the email itself? Do the logos and graphics look amateurish or point to someone who has no access to genuine logos or other corporate graphics?
Are there spelling or grammatical errors in the content of the email? The style of content can almost always point to a creator who has little or poor professional English.
When you click the link, does it take you to the company’s page or a completely random one?