Cyber crime

7 Tips To Recover From Cyber Fraud

Niek Dekker
7 Min

Online B2B payments are convenient for businesses and their suppliers, but they are also notoriously vulnerable to a range of security risks. All too often Australian organisations fall victim to fraud or internet banking scams. It’s no surprise that during the 2020-21 financial year, the ACSC observed over 67,500 cybercrime reports – many involving Payment Redirection or Business Email Compromise attacks.

For many CFOs or Accounts Payable (AP) managers, the initial response to discovering you’ve been defrauded is panic. Knowing what to do or where to get help can be bewildering. In this blog, we’ll unpack the nature of these scams and the time-critical steps you need to take to help you recover funds stolen through cyber fraud.

Recognising a scam

Many businesses make thousands of electronic payments to suppliers, vendors, and other entities. However, busy AP teams struggle to verify the BSB and Account Number of every supplier they are paying. Verifications are both time consuming and prone to errors.

Even if suppliers are verified during onboarding, malicious actors may manipulate a supplier’s banking information prior to a payment being processed. That’s why you need continuous verifications, the absence of which poses a serious security risk.

Scammers are actively seeking ways to infiltrate your email accounts, ERP systems and ABA files. That’s why it’s important to verify every transaction immediately prior to processing a payment. Scammers have an increasing array of sophisticated tools and tactics at their disposal – making the job of your AP staff harder than ever!

To combat this, organisations must implement an ongoing, continuous verification process.

It’s only a matter of time before a business that doesn’t verify B2B payments falls victim to scammers and cyber criminals. Attack vectors can include business email compromise, phishing attacks or identity theft. On a daily basis, Australian businesses are being robbed of tens of thousands of dollars due to unauthorised transactions.

Once you have identified a scam, it is critical that you immediately take action. Financial institutions have a very narrow window of time during which stolen funds can be blocked and recovered. Any delay on your part will make it impossible to recover your stolen funds. It’s essential you follow these seven steps as soon as you identify a fraud incident.

7 Tips to recover from cyber fraud

1. Contact your financial institution

It’s important to contact your bank immediately if you have fallen victim to cyber fraud or if you suspect cyber criminals have compromised your financial information. Below are the fraud incident hotlines, so you can contact the four major banks in Australia:

 

Bank Phone number
Commbank 132 221
Westpac 132 032
ANZ 13 22 73
NAB 13 10 12

Ensure you collect and document as much information as possible in the event of cyber fraud, including names, personal details, social media interactions (if any), email addresses, phone numbers, credit card information, digital currency exchanges, receipts, phone call interactions and records of other types of payments. The more detailed information you can provide your financial institution, the greater the likelihood they will be able to track down your funds.

It is also recommended by the banks that you forward suspicious email and SMS messages to your financial institution.

It is critical to understand that Australian banks don’t assume any liability for stolen electronic funds transfer payments. At best they may be able to stop and recover outgoing funds, if it isn’t too late.

2. Call the police

Report a cyber crime to your local state/territory police immediately if the scammer has compromised sensitive financial information or stolen your money. Below are some examples of when to contact the police:

  • Manipulated invoices
  • Fake or counterfeit money
  • Overpayment of accounts related to possible money laundering
  • Internet hacking
  • Merchant fraud
  • Victim of Identity theft
  • Cyber threats or intimidation
  • Espionage

Those not directly impacted by a cyber crime, but who nonetheless have information relating to a specific incident, can report information about the fraud to Scamwatch.

3. Report to your IT administrator

You should urgently consult an I.T. professional if you suspect any suspicious activity. Your existing security tools may not be capable of detecting cyber crimes that involve deceiving your staff into processing fake payments. All too often, cyber fraud is only detected after the damage has already been done.

That’s why it is crucial to communicate with your I.T. administrator if you suspect any malicious behaviour. I.T. professionals will investigate how the cyber crime was executed, whether any email accounts are compromised, and examine logs in an attempt to pinpoint the source of the crime. Evidence will be crucial in determining whether the fraud originated internally or due to an external threat actor.

Internal threats to I.T. systems are an increasing risk for many organisations. These can occur when staff are unaware of the appropriate security measures or when malicious intent is involved. Some steps can be taken to guard against internal threats including:

  • Establishing IT policies and procedures 
  • Analysing security configurations on devices and system privileges
  • Implementing secure data storage practices, such as cloud storage
  • Implementing Multi-Factor Authentication across all systems, and embracing strong password practices
  • Ensuring security around sensitive files, including limited access controls

4. Report to Cyber.gov.au & Scamwatch

Scamwatch or the Australian Cyber Security Centre might have information helping you identify the crime syndicates behind your cyber fraud, particularly if other Australian organisations have experienced similar incidents in recent times. Depending on the nature of the cyber crime, you should quickly report the incident to the relevant cyber security authorities. See below for more information on who to report to based on which cyber crime:

Type of scam How to report
Identity theft or data breach Contact the Australian Cyber Security Centre's ReportCyber hotline on 1300 292 371
If you can identify an Australian business entity that was involved in the scam Contact Fair Trading in your located state
Payment Redirection or Business Email Compromise Report to Scamwatch.gov.au/report-a-scam

5. Seek support from IDCARE

In Australia and New Zealand, IDCARE is the national identity and cyber support service that helps people and organisations with concerns about identity theft or cyber crime. They provide an effective response plan and mitigation when it comes to your personal information or identity being stolen.

Contact IDCARE to develop a specific response plan tailored to your situation and support you throughout the process. All contact information can be found on the IDCARE website.

6. Contact Crime Stoppers

Crime Stoppers Australia combats a broad spectrum of criminal behaviour, including cyber crime. Cyber crimes include internet fraud, phishing scams, identity theft, cyberstalking, and more. Crime Stoppers works with law enforcement in other jurisdictions through Interpol in an effort to track down and stop the global criminal syndicates that often perpetuate such offences.

As an independent body, they are able to assist you, and the wider community, in anonymously sharing information about crimes of concern and criminal activity.

Get in touch with Crime Stoppers Australia today to share your experience with an unsolved crime or suspected cyber criminal activity by visiting Crime Stoppers.

7. Report to your Cyber Insurance Provider

Having cyber liability insurance can protect your business from the aftermath of a cyber attack and data breach in certain circumstances. Reporting your situation to your cyber insurance provider will help you deal with the costs and expenses related to the attack.

Your provider can contribute to financial protection by covering:

  • Forensic investigation costs to investigate the issue
  • Data recovery costs
  • Extortion amounts that ransomware may demand
  • Crisis management costs
  • Notification costs and other legal costs

Cyber policies will generally cover operations losses, such as business interruptions, but many will not cover cyber fraud that they deem to have occurred due to human factors. If they determine a cyber fraud incident was directly caused by human error, you may discover that your cyber insurance doesn’t cover the losses.

How can Eftsure help?

Recovering funds stolen through cyber fraud is, at best, a long shot.

In the aftermath of a fraud incident, you will find yourself mired in a painful process that will take months to resolve – and at the end of this process you still may not have recovered your stolen funds. Even if you report the scam as soon as possible, there’s no guarantee of a successful outcome.

That’s why preventing cyber fraud is critical.

With Eftsure sitting over your accounting processes, you no longer need to worry that supplier banking data is being manipulated. You gain the ability to securely process electronic funds transfer payments without worrying that you are inadvertently sending money to cyber criminals.

Eftsure’s unique database comprises banking data from over 90% of actively trading Australian corporate entities. This gives your AP staff an easy way to identify scams and fraud, as well as prevent erroneous payments.

Eftsure works in conjunction with your existing strong internal controls to maximise your payments security.

To learn more about Eftsure and how we can help your organisation stay protected, contact us today.

The Essential Cyber Security Guide for CFOs
Understand the full range of cyber threats facing the modern CFO.

It's the critical information you need to stay one step ahead of cyber criminals and prevent your organisation becoming a victim.

Related articles

The new security standard for business payments

Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.