Each month, the team at Eftsure monitors the headlines for the latest accounts payable (AP) and security news. We bring you all the essential stories in our cyber brief so your team can stay secure.
A recent survey by Medius reveals an alarming rise in deepfake-powered financial scams that target businesses. According to the research, over half of US and UK companies have faced such attacks, with 43% falling victim. 85% of finance professionals view these scams as an existential threat to their organisation’s financial security.
Deepfakes, AI-manipulated media, are increasingly used by criminals to con businesses. The scams often combine phishing techniques with social engineering and AI technology.
Deloitte predicts AI-enabled fraud losses could reach $40 billion in the US by 2027. High-profile cases — like the scam that resulted in Arup losing millions earlier this year — highlight these attacks’ sophistication and potential impact.
The latest notifiable data breach report from the Office of the Australian Information Commissioner (OAIC) has revealed a 9% increase in data breaches, with 527 notifications from January to June — the highest since late 2020.
Malicious incidents accounted for 38% of breaches, primarily driven by phishing. As causes of data breaches, both phishing and stolen credentials increased since the previous reporting period. Healthcare, government, and finance sectors were most affected, with one breach impacting over 10 million Australians.
It’s also noteworthy that reporting spiked around May, June and July — the EOFY period when finance and AP professionals are most likely to be under the pump (and often more likely to be targeted by scammers).
Hardware retailer Total Tools has suffered a data breach affecting 38,000 customers. The leak compromised personal information including names, passwords, credit card details, emails and shipping addresses.
Chief Executive Officer (CEO) Richard Murray announced that the company has addressed the cause and implemented additional security measures, while the organisation says it has also notified impacted customers and relevant authorities. Total Tools isn’t the first hardware brand to experience such an incident — two years ago, its rival Bunnings Warehouse also revealed that customer information had been exposed in a data security breach.
The Council of Small Business Organisations Australia (COSBOA) has warned consumers to be vigilant for potential scams in the aftermath, with CEO Luke Achterstraat urging businesses in the construction industry to secure sensitive data and be alert for suspicious activity.
A Western Australian small business narrowly avoided financial ruin after falling victim to a $50,000 invoice scam. Wade Brown, director of Pure Glass WA in Margaret River, discovered unauthorised transfers from his company’s account to a fraudulent AMP account.
Despite swift action to alert Bankwest, the funds were not recovered. The bank denied liability — a position supported by the Australian Financial Complaints Authority.
The scam likely originated when a fraudster posed as a Telstra employee during an internet outage. Brown maintains that accessing the funds should have been impossible without a secure token. The incident illustrates a few concerning elements of today’s threat landscape:
The federal government has announced a “reset” of the Consumer Data Right (CDR) to improve uptake and reduce access costs. Assistant Treasurer Stephen Jones launched a month-long consultation, citing high regulatory burdens and low consumer engagement as key issues. A recent report by Heidi Richards echoed industry concerns about the costly and ineffective rollout. However, fintech leaders remain divided, with some optimistic about CDR’s potential.
The government aims to expand CDR to non-bank lending by 2025, following a strategic review in 2024.
NZ banks are reimbursing scam victims—but businesses remain exposed. Learn what CFOs must do to protect payments beyond the new consumer protections.
The FBI’s 2024 Internet Crime Report reveals a sharp rise in cyber-enabled fraud, with reported losses reaching $16.6 billion, up 33 percent …
All the news, tactics and scams for finance leaders to know about in March and April 2025.
Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.
