Businesses are facing major threats from email compromise attacks, with a lawyer flagging that determining who is responsible for financial losses is a “messy area”.
EAGLEGATE Lawyers principal Nicole Murdoch has warned that people and businesses are not putting enough effort into working out whose fault it is and not agreeing to split the financial losses caused through cyber crime.
She has noted that the latest figures show cyber criminals are preying on individuals and businesses in Australia every 10 minutes.
There’s been more than 13,500 reports of cyber crime to the Australian Cyber Security Centre in the past three months alone, Ms Murdoch indicated.
The ACSC is an Australian intergovernmental and interagency hub “responsible for cyber security including analysing, investigating and reporting cyber threats and coordinating national security capabilities and operations for incidents involving cyber crime, cyber terrorism and cyber warfare”.
Ms Murdoch cited one particular case where a 65-year-old retiree reportedly lost $66,000 when he transferred money to what he thought was a legitimate bank account after buying a car from a dealership.
“He received an email with an invoice and bank details, so he paid, only to later discover either a cyber criminal had got into the dealership’s computer network and sent the email, or his email account could have been hacked.”
Ms Murdoch noted that “email scams have become so sophisticated [that] honest people can easily be hoodwinked by a scammer”.
Compromised emails are one of the top issues currently being reported to the ACSC by businesses, the lawyer said.
“For example, a criminal hacks into a business email account and pretends to be a legitimate employee and sends an email to another employee who might be the person who make online payments and trick them into making an online payment to the criminal.”
It is estimated that cyber security incidents cost Australian businesses up to $29 billion every year.
“Scammers are everywhere and they are heartless,” Ms Murdoch commented, noting “there are already reports of scammers posing as charities or tradies offering help to bushfire victims”.
Scam Watch reports almost $50,000 has been given to fake charities this year alone.
“Fake charities operate all year round and especially after real disasters or emergencies, such as floods, cyclones, earthquakes and bushfires,” the lawyer continued.
She advised that the simplest cyber safety rule to follow is: “Unless you have initiated the contact, to trust nobody who wants your passwords and log-in details to your accounts.”
She added: “All these scammers want is access to your bank account or identity details.
“Your internet virus checker is not a scam preventer. Common sense and a healthy degree of cynicism are your best friends to ward off the scammers.”