CommBank warns of huge increase in scams

The Commonwealth Bank is sounding the alarm on a surge of remote access cyber-scams, as Australians enter their eighth month of working from home.

Business email compromise and ransomware scams have significantly increased since March, CommBank’s chief information security officer Keith Howard said on Tuesday.

• Also read: ‘Don’t provide the information’: ATO issues JobKeeper scam warning

• Also read: New AusPost scam using ‘curiosity’ against victims

• Also read: ‘Hang up immediately’: New scam stealing Aussies’ bank details

“The cost of cybercrime to the Australian economy is increasing every year, and every day we hear stories from our customers, including business customers, who are dealing with the financial and emotional costs of cybercrime,” Howard said.

Cyberattacks on businesses cost the Australian economy $29 billion a year, the Australian Cyber Security Centre (ACSC) reports, with the Centre receiving an average 164 reports of such crimes daily in the 2019 financial year.

And 62 per cent of businesses have experienced an attack. However, around half of all businesses cannot or will not spend more than $500 on IT security annually.

“Many businesses feel that cyber security is too technical, complex or expensive to deal with, but a cyber security attack has the ability to negatively impact a business, along with suppliers and customers, so there’s never been a more important time for businesses to take steps to ensure their information is protected online,” Howard said.

“A large part of what makes cyber security complex and intimidating is the increasingly sophisticated technology. Thankfully however, there are some simple tips people can follow to protect themselves online. That is why it’s really important everyone understands how to make cyber security a part of their day to day.”

These include updating operating systems and applications on computers and phones, making sure all staff use unique and strong passwords and establishing strong payment processes.

Additionally, staff should be trained on spotting suspicious emails.

Knowledge deficiency a challenge

ACSC research found nearly around 10 per cent of businesses don’t understand terminology like malware, phishing, ransomware or insider threats.

Malware is software that is intentionally designed to damage a computer, its network, client or server. These include viruses.

Ransomware is a form of malware that threatens its victim either with sharing their data or blocking access unless a ransom is paid.

Phishing is when scammers attempt to steal sensitive information or data like passwords, usernames, credit card or other personal details by pretending to be another entity. Australia Post, the Commonwealth Bank and the Australia Tax Office are frequently used as disguises for this type of cyber attack.

And an insider threat is a threat to a business that comes from people who work within the company, like an employee, partner or contractor and who have inside knowledge of the company’s security practices and data management systems.

Make your money work with Yahoo Finance’s daily newsletter. Sign up here and stay on top of the latest money, news and tech news.
Follow Yahoo Finance Australia on Facebook, Twitter, Instagram and LinkedIn.