Cyber Brief for CFOs: November / December 2024
All the news, tactics and scams for finance leaders to know for November / December 2024.
The holiday season, with its flurry of activity and reduced vigilance, creates fertile ground for scammers to target businesses. According to Shameela Gonzalez, Financial Services Lead at CyberCX, this period sees a significant rise in cyberattacks, including ransomware, phishing, and business email compromise (BEC) scams. Below, we explore common holiday scam trends, warning signs for accounts payable (AP) teams, and best practices for mitigating risks during this busy time.
Scammers often exploit the holiday season’s reduced alertness. BEC scams remain a critical concern for businesses, where fraudsters impersonate vendors or internal stakeholders to trick AP teams into redirecting payments to illegitimate accounts. Phishing emails—often disguised as urgent payment requests—are another prevalent tactic. These schemes rely on employees’ reduced vigilance during the holidays.
Fraudsters recently used deepfake technology to impersonate a company executive, leading a finance worker to transfer millions into a fraudulent account. Business email compromise (BEC) scams further illustrate this trend, accounting for 30% of all cybercrime reports in 2023.
According to the National Anti-Scam Centre, scams continue to evolve, with a marked increase in tactics like impersonation of government bodies, including the Australian Tax Office (ATO), to demand urgent payments or account updates. In 2023, Australians lost over $2.74 billion to scams, as reported by the ACCC, with investment scams accounting for the largest financial losses. This trend highlights how fraudsters are quick to exploit high-value opportunities—a tactic mirrored in B2B scams like phishing and BEC attacks that target AP teams during the holiday season. Over 14,000 cases of phishing scams were reported during the holiday season, underscoring the prevalence of this tactic.
AP teams should remain vigilant for:
As Gonzalez notes, “Businesses should operate under the assumption that scam attempts are constant. When AP teams maintain this mindset, they can detect and mitigate threats more effectively.”
Preparation is key to mitigating financial and reputational damage caused by scams. Gonzalez highlights the importance of implementing crisis plans that include the following elements:
Additionally, AP teams should conduct pre-holiday risk assessments to identify potential vulnerabilities and strengthen weak points.
Implementing consistent processes can significantly reduce the likelihood of falling victim to scams. Here’s a checklist of best practices for AP leaders recommended by Gonzalez:
To mitigate risks, businesses must prioritise education and preparation. Gonzalez advises, “Never assume your business won’t be targeted. Fraudsters don’t take holidays. The key is building processes that reduce reliance on human judgement alone.”
Additionally, AP leaders should:
All the news, tactics and scams for finance leaders to know for November / December 2024.
Each month, the team at Eftsure monitors the headlines for the latest accounts payable (AP) and security news. We bring you all …
Discover key insights from the OAIC report on data breaches, including the impact of human error and strategies for CFOs to protect their organisations.
Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.