Best practice IT setup for SMEs
Australian businesses and consumers paid out a whopping $81.9 million last year to fraud-related offences against them. With SMEs being a prime target, here are some tips on how to avoid being a victim.
While many of the offences reported relate to personal attacks such as fraudulent sales, inheritances, pyramid schemes and phishing, scams are a minefield for SMEs. Small businesses are a popular target for scammers and with so many ways to pay (face-to-face, over the phone, online), it’s never been harder to protect your business.
The recent Australian Competition and Consumer Commission’s (ACCC) Targeting Scams survey stated that 91,637 scam-related complaints were received in 2014. This is just the tip of the iceberg with bodies such as the Australian Cybercrime Online Reporting Network (ACORN) and law enforcement bodies saying these figures are conservative.
It is suspected that many business operators may not even know they’re being scammed or are too embarrassed to report fraudulent offences. According to a recent guide by the ACCC, the types of scams are as varied as there are many.
Popular SME scams and how to avoid them:
1. Overpayment scams
After you’ve received the credit card payment, cheque or money order for much more than the agreed amount the scammer will then ask you to refund the difference. They may even ask you to pay their fake freight company for delivery of the goods.
Be wary of overpayments from suppliers and avoid complicated orders. A well-organised accounting system will make it easier to touch base with your records to uncover irregularities. If in doubt, use the phone numbers on the invoice or do an online search.
2. Computer hacking
Remote access, ransomware and malware scams cost Australian businesses more than $2 million last year.
Your computer is infected and you are blocked from accessing your data until the scammers have extorted the funds to remove it. Contamination of your sensitive business data can create expensive downtime as well as create further repercussions for your clients, so protect yourself with the latest anti-virus and spyware protection as well as a sufficient firewall.
3. Email interception
This is where a hacker diverts emails between you and a supplier. After intercepting the email, the scammer changes the bank details to their own, then forwards the invoice onto you for payment to the phony account.
To avoid these types of scams, you can implement specific processes for verification and payment of accounts and invoices and also crosscheck email addresses with your internal records. Ensure your employees follow these clearly outlined processes to the letter.
For transactions over a certain amount, rather than relying on one hapless individual to take the brunt, gather your most trusted employees and use a multi-person approval system. This way, the scammer has to jump through more hoops to get their booty.
4. Investment scheme scams
Counterfeit telemarketers target small business owners by peddling tax-free opportunities, which often include gambling disguised as “tax-free wealth”, “strategic investment” and other similarly labelled schemes. If it sounds too good to be true, it usually is. Press “delete”.
Keep informed with SCAMwatch
The ACCC runs SCAMwatch which offers information and tips on recognising and how to steer clear of scams. Sign up for the subscription service to receive email alerts on the latest cons.