Scams involving a range of email, instant message, SMS, and social media tactics, are being increasingly used by cybercriminals in Australia to fraudulently obtain goods or access to money, the ACSC warned.
ACSC Head Abigail Bradshaw said the use of BEC scams by cybercriminals has tricked many Australians and local businesses out of often substantial sums of money.
“In 2019-20 financial year there were 4,255 reports of BEC scams reported through the ACSC’s ReportCyber tool, representing losses of over $142 million,” Bradshaw said.
Many of these scams are very sophisticated, involving invoice fraud and employee and company impersonation. Invoice fraud occurs when an email account is accessed by criminals who edit contact and bank details on invoices and send them to customers with a compromised email account.
Former celebrated rugby league player Benny Elias was the victim of one such scam earlier this year, when hackers who had accessed his law firms email accounts were able to impersonate his lawyer and obtain $860,000 to settle a western Sydney property deal.
Cyber scams are becoming an increasing problem in Australia. Royal Melbourne Institute of Technology Cyber Security Expert Matthew Warren told The Epoch Times on Oct. 30 that the problem is so complex that there is currently no single solution.
With many businesses in Australia working remotely, scam attacks can now be linked to an individual or the organisation they work for causing increasing risk to businesses, Warren said.
“Australia faces an issue with online scams. Since the outbreak of COVID-19 there have been report over 4850 scam causing a loss of $5.8 million,” he said. “To put this in context, in 2019, Australians lost over $634 million to scams.”
The impact is enormous globally Warren said, with the PwC’s Global Economic Crime and Fraud Survey 2020 estimating that the global impact is around $42 billion.
To help Australians with this growing issue the ACSC released a new publication online entitled Protecting Against Business Email Compromise (BEC) that explains ways Australians can guard against these costly scams.
Bradshaw said that the advisory will help Australians “identify scams, prevent email accounts from being compromised, and prevent damage” to their business reputation.
Warren also suggests that both individuals and companies take a two-fold approach to the issue via technological solutions, such as using a filter system on email servers to stop potential phishing and scam emails; and explaining how to deal with the problem to businesses and their employees.