Small Businesses Scam Alert

Follow us on LinkedIn (Wis Australia) for the latest industry updates and trending news.

ASIC has issued an urgent warning to small businesses about the rising threat of scams, particularly during the current period of high inflation and increasing operating costs. Small businesses are particularly vulnerable due to limited time and resources. The combination of high inflation and rising costs makes businesses more susceptible to financial scams whilst scammers are using increasingly sophisticated techniques to appear legitimate. 

False billing scam is one of the most common scams currently, it involves tricking businesses into paying for something that they didn’t want or purchase. Scammers will contact small business owners by phone or email unexpectedly asking for payment for services or products that haven’t been ordered.

To safeguard clients are strong advised to double check invoices are from suppliers you trust that you ordered the goods or services from, verify the payment details directly with the business and if unsure, search for the official site of the organisation. 

Small businesses may also be targeted with investment scams, where scammers offer a ‘once-in-a-lifetime opportunity’ to make easy money, pretending to be investment professionals. Scammers often impersonate legitimate finance companies, using convincing marketing to make their investment sound appealing. An investment offer may be a scam if the person is pretending to work for an Australian financial services licensee or has an investment prospectus that isn’t registered with ASIC.

Small business owners are advised to sense-check investment opportunities with family, friends or a trusted adviser and check ASIC’s Investor alert list to know which companies, businesses or entities you shouldn’t deal with. 

Remote access scams involve tactics to convince small business owners that they have a computer or internet problem requiring new software to fix it. Scammers trick owners into giving them remote access to their computer and personal information so that they can access their computer and bank accounts.

Small business owners are warned against giving their personal, credit or online account details over the phone or providing unsolicited callers remote access to their computer. 

Among the various scams targeting businesses, payment redirection scams, also known as fake invoice scams, pose a significant financial threat. These schemes involve fraudsters impersonating legitimate businesses or their employees via email, attempting to redirect scheduled payments to fraudulent accounts. The scale of this threat is substantial, with the ACCC reporting that Australians lost $16.2 million to such scams in 2023.

Business owners are strongly advised to verify payment details directly with known business contacts before processing any invoices, especially when faced with requests to change payment information. 

Phishing scams represent another sophisticated threat, where criminals employ deceptive links to harvest sensitive personal, business, and financial information. These scams frequently involve the impersonation of government departments or legitimate businesses, with fraudsters distributing malicious links through email or SMS messages.

To protect against such threats, businesses should implement comprehensive cybersecurity measures, including anti-malware software installation, enabling multi-factor authentication across all critical accounts (email, banking, and social media), and maintaining regular data backups. 

Furthermore, ASIC impersonation has also become a concerning trend, where scammers pose as the regulatory body to extract fees and personal information from business owners, often under the guise of business or company name renewal requirements. These fraudulent communications typically contain links to fake invoices or malware-infected documents.

If you receive a suspicious email claiming to be from ASIC, do not click any links. Instead, report the suspicious communication through ASIC's online enquiry system, delete the email, and if necessary, contact ASIC's Customer Contact Centre directly to verify any legitimate communications. This approach ensures you maintain security while properly addressing any genuine regulatory requirements. 

It is crucial to act swiftly if you believe your business has been scammed. It is highly recommended to take the following steps: 

1. Stop sending any more money and block all communication from the scammer. 

2.  Contact your bank or financial institution immediately to halt any ongoing transactions.  

3. Be cautious of follow-up scams that may promise to help you recover your lost funds.  

4. Report the incident to Scamwatch to warn others, and if it involves financial misconduct, report it to ASIC as well.  

5. If the scammer has a social media account, report it to the relevant platform. Finally make sure to inform your family, friends, employees, and customers about the scam to protect them. 

Final Conclusions

If the scammer has a social media account, report it to the relevant platform. Finally make sure to inform your family, friends, employees, and customers about the scam to protect them.