When a small business is impacted by cybercrime, the costs can be crippling. A recent report from the Australian Signals Directorate found that small businesses lose an average of about $46,000 when they experience an incident. For some, that loss is enough to force them to shut their doors for good. The Council of Small Business Organisations of Australia (COSBOA) has also found that cybersecurity is the third-leading pressure facing small businesses right now and scams and fraud are more sophisticated than ever. Discover the new keep-safe commandments – turns out, work culture and tech solutions can make all the difference to your safety.
Remember, scammers are sophisticated now
There are a few things that James Roberts, CommBank’s General Manager of Group Fraud, wishes more small business owners knew about staying safe. The first is perhaps the most important: “any business can fall victim to a fraud or scam,” he says, noting that the most authentic-looking invoices, emails and text messages and legitimate-sounding calls can be scams. There won’t always be spelling errors, red-flag email addresses or late-night time stamps. The small businesses that are more secure, understand that everyone has a role to play in raising awareness and educating each other on the risks. “The ‘Stop. Check. Reject.’ approach can help businesses avoid losing significant amounts of funds,” says Roberts.
Take a moment to consider your internal controls
“If a business doesn’t have adequate controls and if staff don’t adhere to risk mitigation practices, this can lead to potential fraud and scam losses,” says Roberts. “Knowing how to identify the red flags will empower staff members to stop, check and reject.” To help business owners fight the increasing number of scams and breaches, COSBOA – with aid from the Australian Government, support from CommBank and Telstra and in consultation with the Australian Cyber Security Centre – has created an initiative called Cyber Wardens. The free interactive e-learning platform delivers easy-to-use education to help people carry out cybersecurity inspections and risk audits, keep passwords and data safe, update software and report threats or suspicious messages. It promotes good cyber-safety habits, such as shutting down computers instead of putting them in sleep mode, using long, strong, original passwords, actioning software updates quickly and giving team members unique logins.
Use all the tools at your disposal
There are two security tools he urges businesses to embrace: NameCheck searches account details you enter when making a first-time payment in NetBank, the CommBank app or when making an individual first-time payment on CommBiz. “Based on our available payment data, NameCheck will then indicate whether the account details look right,” he says. CallerCheck is the other. It allows you to verify whether a caller claiming to be from CommBank is legitimate, by triggering a security message in your CommBank app. “It’s our preferred method of verification as a more secure way to complete the identification process.”
Understand how scammers get under your radar
When scammers try to infiltrate your small business, there are some common strategies it pays to understand. According to Roberts, there are three main scams to watch:
- Business email compromises. “This is the number one scam type impacting Australian businesses today,” says Roberts. An email or invoice containing altered account details is often sent from a “person of trust” such as a manager, CEO, relative or regular supplier, which underlines the importance of validating the details verbally and on a verified number.
- Bank impersonation scams. Scammers who convince customers they’re calling from the bank to gain access to online platforms or services.
- Phishing. SMS or emails sent to businesses containing phishing links. This form of social engineering can lead to online platforms or services, cards and corporate cards being compromised by scammers.
Stay curious about keeping safe
“Businesses that adopt key controls and robust security practices will be far more secure than those that do not engage with or understand the extent of these risks,” says Roberts. “However, as the world of fraud and scams continue to evolve, all businesses will still be at risk.” That means protecting your business requires constant vigilance and renewed education promoted by business leaders to their workforces, highlighting new and emerging trends that are regularly published by the bank.
Quiz Yourself at CommBank SmallBiz Week
Swing by the CommBank expo stand to check your skills in detecting cyber security threats. Take a few minutes to find out what you dominate – and where there’s room for improvement. You’ll get priority cyber security actions for your business based on your answers, and a personalised result based on your overall scores!