Create a free account, or log in

Practical steps for SMEs to avoid scams

Scams are on the rise across Australia. And small businesses are being targeted to take advantage of their limited time and resources.
Tegan Jones
Tegan Jones
social media scams loss cost of living side hustle scammers small business
Source: Adobe Stock

It’s Scams Awareness Week – and while I’m not usually a fan of corporate and governmental agenda push days – this one is important. Scams are rampant in Australia. And small businesses are being targeted in specific ways to take advantage of their limited time and resources.

According to recent reports, $2.74 billion was lost to scams online, by phone, or in person in Australia in 2023. Even 90s-style throwback scams are coming back into vogue.

Australia’s investment watchdog Australian Securities and Investments Commission (ASIC) also revealed that it’s taking down roughly 20 scam sites each day.

So what do you need to be looking out for?

Phishing scams

Phishing remains one of the biggest threats to small businesses.

Scammers will often impersonate government agencies or organisations like banks to trick business owners into revealing sensitive information.

This can also happen over email or text where the recipient is enticed into clicking a malicious link that seems legitimate.

This tactic saw a notable uptick during the COVID-19 pandemic, as fraudsters preyed on fears and uncertainty, sending out fake updates about safety measures or offering access to supposed government subsidies.

Compromised email accounts

Email phishing becomes more complicated when in some cases, hackers get into legitimate business email accounts and send links or fraudulent payment requests.

These emails are particularly dangerous because they’re often indistinguishable from legitimate correspondence. After all, they’re from a real address. 

False billing

This is another tactic that has gained popularity. Scammers send out fake invoices, hoping busy administrators won’t notice the discrepancies.

For small businesses, where one fraudulent payment could significantly impact cash flow, this scam is particularly dangerous.

Supply scams

This is where scammers set up fake websites or social pages to sell nonexistent products.

During the pandemic, businesses urgently seeking supplies like hand sanitisers and masks were key targets for this type of scam.

Overpayment scams

In this case, scammers overpay for goods or services using stolen credit cards or fake cheques. They then request a refund for the excess amount. Once the original payment bounces, the business is left with the bill. This type of scam often targets online sellers who may not have the resources to verify every transaction thoroughly.

So what can small businesses do about scams?

The sad truth is that almost anyone could be a victim of a scam, no matter how vigilant you are. There are plenty of people who work in the cybersecurity and tech spaces — people who are hyper-aware of scams — who have fallen victim. Scammers are crafty and ever-evolving in their techniques.

But there are some things you can do to mitigate some of the risk.

  • Be suspicious: Always verify the legitimacy of emails, SMS, or social media messages before responding or clicking on things, especially if they ask for sensitive information. Scammers often create a sense of urgency, hoping to catch businesses off guard.
  • Double-check payment requests: With business email scams on the rise, it’s crucial to verify any payment requests, especially those involving new bank details. 
  • Update your software: Many small businesses rely on outdated systems, making them easy targets for scammers. Regularly updating security software can help protect against phishing and malware attacks.
  • Training: Train your employees to recognise and report suspicious activity. Anyone can be targeted.
  • Online monitoring: Tools like Google Alerts can help you stay informed about any unauthorised use of your business name online. Scammers often misuse legitimate business names to seem credible to other victims
  • Password policies: Weak passwords are a common entry point for scammers. Make sure all of your business accounts have strong, unique passwords that you change regularly. It’s annoying but it’s worth it.

Never miss a story: sign up to SmartCompany’s free daily newsletter and find our best stories on LinkedIn.