Cyber criminals will ramp up their tax scam activity by 400 per cent during the end of financial year with small and medium businesses most at risk, experts say.
Commonwealth Bank of Australia small business banking executive general manager, Bec Warren, said emails or texts asking for taxation portal login details should set off red flags for member portal scams.
According to CBA, member portal scams involved phishing for tax or superannuation member portal credentials through email or text messages.
Once scammers gained access, they altered payee details so that tax returns or superannuation payouts would be deposited into accounts controlled by the scammers.
The four-fold increase in reports of member portal scams during tax season showed “the determination scammers have to try to scam unassuming small business owners out of their hard-earned money,” Warren said.
“Make sure that, when you are entering your login details and passwords, you do so on the organisation’s official portal and do not click on any suspicious links. Scammers will usually create a sense of urgency to get you to act quickly, not leaving you enough time to think,” Warren said.
CBA said small businesses were most at risk, being more likely to be pressed for time and resources amid the demands of tax season.
“We all know small businesses are often family run, have fewer resources and not a lot of free time on their hands, which can make them more likely to miss some of the red flags they otherwise would have spotted,” she said.
“This is why it’s always important to stop, check and reject any unusual emails, texts, links or payment requests.”
But owners of medium-sized businesses have also been urged to remain on “high alert” by MYOB.
According to a recent survey from the accounting software provider, three out of five medium businesses experienced a cyber attack or cyber incident, rising to 81 per cent for businesses in finance and insurance.
Head of cyber security Peter Wolski said the mid-market was a “tipping point” for cyber threats as they had fewer resources than larger businesses but outgrew solutions used when they were smaller.
“Cyber security should be top of mind for businesses of all sizes, but the mid-market often represents a tipping point where the threat can become particularly critical,” Wolski said.
The survey of 500 mid-sized Australian businesses found that 83 per cent of respondents have carried out system upgrades or cyber training in the last two years, with 84 per cent feeling prepared for a cyber event.
But Wolski urged against complacency, particularly as AI made it easier for cyber criminals to craft more sophisticated messages.
“The threat is very real … businesses shouldn’t get too comfortable, especially as cyber criminals get more sophisticated,” Wolski said.
“All the benefits that Gen AI brings in terms of automation and intuitive communication unfortunately also help those who might be looking for security vulnerabilities. It’s more important than ever to be vigilant, as it’s not as easy to immediately identify scam communications.”
You are not authorised to post comments.
Comments will undergo moderation before they get published.