It’s important to stay alert and safe online so you aren’t caught out by one of these scammers, and to review your security procedures to help stop financial fraud and protect your clients and your business.
Here are our top 10 cyber security tips to help you stay safe and secure online.
1. Use strong and secure passwords
Regularly change passwords and do not share them.
Use multi-factor authentication where possible. Multi-factor authentication requires users to provide multiple pieces of information to authenticate themselves – for example, a text message to your phone when logging in to a website.
2. Remove system access from people who no longer need it
Immediately remove access for people who:
- no longer work for your business
- have changed positions and no longer require access.
Unauthorised access to systems by past employees is a common cause of identity security or fraud issues for businesses.
3. Make sure all devices have the latest available security updates
Run weekly anti-virus and malware scans and have up-to-date security software.
Instances of malicious software (malware) are increasing. It can be easy to accidentally click on an email or website link that infects your computer.
4. Do not use USBs or external hard drives from an unfamiliar source
USBs and external hard drives may contain malware, which can infect your business computers without you noticing.
5. Use a spam filter on your email account
Always use a spam filter on your email account. Do not open any unsolicited messages. Double check the sender’s email address is what it should be, even if the name looks right.
Be wary of downloading attachments or opening email links you receive, even if they are from a person or business you know. They can infect your computer with malware and lead to your business or client information being used to commit financial fraud.
If you are ever unsure about an email you’ve received and it’s from someone you know, contact the sender by phone to confirm that the email is safe.
6. Secure your wireless network and be careful using public wireless networks
Be vigilant when using public wireless networks. Not all wi-fi access points are secure. By making online transactions (such as online banking) on an unsecured network, you can put your information and money at risk.
7. Double check payment details with suppliers/clients
Some recent computer viruses redirect emailed invoices and change the BSB and account numbers on supplier invoices. A good habit to get into is to phone any supplier that provides a new bank account on an invoice and check the details with them, to prevent financial fraud.
It can also be a good idea to have a second person in your business approve payments. This could be a manual procedure, or software can enable it. Some banks provide access for one user to prepare or draft payments and transfers and a second person to approve and pay.
8. Monitor your accounts for unusual activity or transactions
Check your accounts (including bank accounts, digital portals and social media) for transactions or interactions you did not make, or content you did not post.
If an organisation you deal with sends you an email alerting you to unexpected changes on your account, don’t click on hyperlinks in the email or log on to the organisation’s website using links or attachments included in the email. You should immediately check those accounts and contact the organisation by phone.
9. Do not download programs or open attachments unless you know the program is legitimate
Some programs contain malware that can infect your computer (including ransomware, which locks your files until you pay a criminal). Malware can also be used to harvest your sensitive personal and business information. Be sure you are downloading authorised and legitimate programs. Unless you know the program is legitimate, do not open attachments or download programs.
10. Do not leave your information unattended
Secure your electronic devices wherever you are. Your information can be stolen in an instant. In some situations, you won’t even know it’s been stolen. Make sure you:
- do not leave your information unattended
- secure your electronic devices (such as phones or tablets) with passcodes
- securely store portable storage devices (such as thumb and hard drives) when not in use.
A note on ATO Scams
There are some tell-tale signs that can help you identify a tax scam. The ATO will never:
- send you unsolicited automated calls
- threaten you with arrest or insist you stay on the line until a debt is paid
- cancel or suspend your TFN
- request payments through unusual methods like cryptocurrency, cardless cash, gift vouchers or bank transfers to private accounts
- ask you to pay a fee in order to receive a refund.
If you think that you have paid or provided personal information to a scammer, contact the ATO to make a report straight away.