This week marks Scams Awareness Week, an annual national public awareness campaign by the Australian Competition & Consumer Commission (ACCC) dedicated to reducing the impact of cyber scams in Australia. This year, the campaign aims to shine a light on the dangers of threat-based impersonation scams and to empower people to protect their personal and financial information.
Amid a period of heightened cyber-risk, it’s relevant not only for consumers, but for businesses as well. Prime Minister Scott Morrison recently announced an emergency cybersecurity alert in Australia, warning local public and private sector organisations of a “sophisticated state-based cyber-attack”. Experts like the former head of the Australian Cyber Security Centre, Alastair MacGibbon, has also cautioned businesses and reminded them that cybercrime continues to be an existential threat, and that recent attacks targeting local organisations (like Toll Group & BlueScope) are just the tip of the iceberg.
Now, more than ever, we need solid cybersecurity measures and strategies to protect our data, brands and customers, and initiatives like these are a great opportunity to raise awareness and collaborate within our professional communities and networks about the risks we face, and how we can stay protected. MailGuard is a proud campaign partner of Scams Awareness Week 2020.
This year’s theme about defending ourselves against identity theft. The ACCC reports that scams involving identity theft cost Australians $15.8 million in 2019, although this figure is conservative due to underreporting. We’re also witnessing an increase in scams related to business identity theft, with reports circulating that this type of fraud is set to increase by a staggering 258% this year. In the current climate, it’s hardly a surprise. As more businesses pivot to working from home in light of COVID-19, the risks to data security rise exponentially. Cybercriminals are taking advantage of remote working to steal valuable business identifiers and impersonate businesses for unlawful purposes (like opening a new line of trade credit). A recent case of business identity theft that comes to mind is a fraudster that hacked into several high-profile Twitter accounts (including those of Elon Musk, Barack Obama & Joe Biden) by convincing a Twitter employee that he worked in the company’s IT department, tricking Twitter users into sending him cryptocurrency.
The ACCC has identified five of the most common type of scams impacting Australians, and over the course of this week, my team are sharing assets and information related to protecting your businesses against these scams. You can visit our Scams Awareness Digital Hub for the latest updates.
It’s critical to remember that email remains the number one vector for cybercrime. Nine of out 10 cyber-attacks are delivered by email, with the ACCC reporting that business email compromise (BEC) scams cost Australians $132 million last year. BEC scams and phishing emails remain some of the most prolific ways to execute identity theft, and it is imperative for businesses to consistently review their email security strategies to ensure they’re doing all they can to stay safe. I recommend adopting a multi-layered approach to cybersecurity. In the context of email security, for example, explore other solutions to layer your email defences and to protect your brand, your people and your data. No one vendor can stop all threats, so don’t leave your business exposed. If you are using Microsoft 365 or G Suite, you should also have third-party solutions in place to mitigate your risk. For example, using a third-party specialist cloud email security solution like MailGuard to complement Microsoft 365.
I encourage all businesses to stay in touch with Scams Awareness Week, it’s an opportunity to reflect on your own cyber resilience, and to raise the awareness of those around you, specifically when it comes to protecting their data & avoiding identity theft. It is vital that businesses think smarter and safer about the data they’re storing and sharing – especially key business identifiers. If you need more support to protect your business from email scams, feel free to reach out to us at firstname.lastname@example.org.
Together, let’s stay safe online.