[adning id=”12070″]

[adning id=”12070″]

Beware of business email compromise scams

You’ve probably heard of phishing, where cyber criminals send texts, emails or social media posts which appear to be from individuals or organisations you think you can trust. Business email compromise takes phishing one step further.

Using phishing techniques, cyber criminals can steal information such as log in and financial details by impersonating other businesses, often large corporations. Business email compromise takes phishing one step further, where criminals could use those details to log in to your own account and impersonate you, your staff members or your business.

Cyber criminals can be very convincing

In business email compromise, criminals might impersonate you and send out fake invoices or supplier requests, or impersonate a member of your staff to obtain confidential details about your business. They might use your logos and email signatures or log in to your email account to commit crimes.

Here’s what to do if you think you’ve been targeted – and steps you can take to protect your business.

Take action sooner rather than later

It can be very stressful to find that you have been the victim of business email compromise, but there are steps you can take right away.

ABF media

If you find out your email account has been compromised, you can report the incident at ReportCyber. You should also let your staff members and clients know so they can watch our for unusual emails or requests from your account – and alert your email provider too.

If you have made a payment and discovered you’ve been the victim of a scam, call your bank or financial institution straight away. Let them know it was a fraudulent transaction and lodge a report with ReportCyber.

Help to keep your accounts secure

If your account has been compromised, your email provider may advise you to run anti-virus and anti-malware protections on your devices as a first step, then change your email password. Make sure you choose a strong password and use multi-factor authentication to keep your account extra secure.

Make secure payments

Payment redirection scams were estimated to have cost Australian businesses $227 million in 2021, according to the ACCC. PayID is a free system that can help protect you from scammers intercepting your invoices and changing the payment details to their own. PayID is as simple as using the mobile number or email address of the person or business you wish to pay to make a payment to, or registering your own PayID with your bank to get paid. Unlike a traditional payment where you need both a BSB and an account number, you can use PayID instead. It is free to register and helps to stop scams because unlike a traditional payment, the payer can see a confirmation screen, which includes the intended PayID name, before they confirm the payment.

Let your team know the warning signs

It’s important to make sure everyone involved in your business knows the warning signs of a business email compromise. Let your team know to be alert for any unexpected change of bank details, urgent payment requests or threats, unusual requests for payments or information from other members of the team (whose account may have been hacked) and any emails which don’t look right.

Be alert for suspicious messages

ABF media

If you receive a message from an individual, company or government department which seems suspicious, get in touch with the organisation directly to let them know. Use their legitimate contact channels, such as the phone number on their official website, not the details provided in the suspicious message. If you receive an invoice from one of your regular suppliers and there are different account details listed, call your supplier (using their official contact details) to confirm this change. They may have had their account hacked and the invoice details changed before it was sent to you.


This article is republished from the Small Business Development Corporation (SBDC) website. The SBDC is a WA State Government agency that supports small business. Please read the disclaimer before relying on this information, which has been developed primarily with Western Australian businesses in mind.


Leave a Reply

Your email address will not be published.


Get breaking news delivered
This field is for validation purposes and should be left unchanged.


Austrade Approved Business Events
AVAILABLE NOW APPLY BEFORE 30th MARCH 2021 (Condition apply)

  • ABF Events are approved and listed below have been certified by Austrade on the Schedule of Approved Business Events.
  • This allows exhibitors, sponsors, delegates and partners to participate in the Business Events Grant Program. Note event bookings need to be confirmed ASAP to participate in the grant program
  • The program provides 50% rebate (based on a minimum spend of $20k) for approved items including ABF event-media packages, exhibition stands, corporate function tables, delegate registrations.
  • Govt Grant applications are now open until the 30 March. Please contact ABF to discuss how we can assist, we have experts to assist grant applications.
  • Grant funding will cover up to 50% of eligible expenditure incurred in participating at pre-approved business-to-business events as buyers or sellers during the 2021 calendar year.  All grant applications must be submitted for approval via the following link: https://business.gov.au/grants-and-programs/business-events-grants
  • For further information please see this fact sheet.
Subscribe now
receive newsletter & our event promotion
This field is for validation purposes and should be left unchanged.
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?