Accounts Payable Security Report: October 2022

Each month, the team at Eftsure monitors the headlines for the latest Accounts Payable news. We bring you all the essential learnings in our security report, so your Accounts Payable team can stay secure.

Cyber Security is Australia’s Achilles Heel

Australian small businesses are some of the least digitally capable, according to Dr Jane Rennie, general manager of media and content at CPA Australia.

“Australian small businesses are being left behind on the international stage when it comes to digital capability. They need support to increase their technology capabilities, including cyber security,” said Dr Rennie.

Dr Rennie’s comments were in response to the release of a new report by the Institute for Management Development (IMD), which showed that Australia is falling behind other countries when it comes to cyber security.

Committee for Economic Development of Australia (CEDA) chief economist Jarrod Ball characterised cyber security as Australia’s ‘Achilles heel.’

According to Ball: “Our future readiness is held back in the rankings by factors such as business agility, entrepreneurial risk-taking and cyber security preparedness.”

The message is loud and clear – cyber security is a critical business enabler for Australian organisations, including small businesses. Without it, they will struggle to achieve secure, sustainable growth.

Two Arrested for $1.2m BEC

Two men were arrested in relation to a Business Email Compromise (BEC) scam that diverted more than a million dollars from a Tasmanian victim who was in the process of purchasing a house.

In October 2021, email correspondence from the victim’s conveyancer was compromised by a third party. They altered the attached account payment information, resulting in the victim transferring over $1.2 million to the scammers.

Following a lengthy investigation by the Serious and Organised Financial Crime Investigation Section, two suspects were identified and arrested in South Australia.

Police identified that the stolen money had been transferred between numerous bank accounts, with $170,000 being converted into cryptocurrency. $100,000 of the cryptocurrency has been recovered, with the remaining $70,000 worth cryptocurrency being sent overseas to Ghana.

Police further identified that a further $66,000 had been used by the suspects to purchase shares, and investigations are continuing.

This is an important reminder that BEC scammers move quickly to transfer stolen funds between multiple bank accounts, including offshore accounts, as well as cryptocurrency accounts. This makes retrieving stolen funds almost impossible. That’s why prevention is key when it comes to stopping BEC scams.

Scammers Target Farmers

Scammers stole $1.2 million from farm businesses between July 1 and August 31, a surge of more than 20 per cent compared with the same period last year, according to the Australian Competition and Consumer Commission.

Scammers are ruthlessly luring farmers and rural businesses with seemingly good online deals on tractors and other farm machinery through fake websites or bogus classifieds on legitimate platforms and publications.

They employ sophisticated methods to make a fake business look convincing, such as listing ABNs on fake websites, providing a mock sale contract, answering questions about the machine, and offering a free trial period after a deposit is made into a fake escrow account.

Farmers and small business owners should take extra steps to verify a business is legitimate before making an expensive purchase online, such as inspecting machinery in person or through live video.

They should also verify the bank account of the business they are sending funds to through Eftsure. This will help them identify whether other businesses have transferred funds to the same entity in the past.

BEC Incident Response Guide for Finance Teams

Learn how to respond to a Business Email Compromise attack by following the necessary steps.

Download the Business Email Compromise (BEC) Incident Response Guide today to strengthen the odds of recovering your funds following a BEC attack.

Download Guide