We recently gave a presentation about email fraud to the Institute of Public Accountants at the 2021 WA State Congress.
We were talking mainly about phishing, the email phenomenon that accounts for 25% of notified data breaches in Australia every year. Phishing is email fraud on a massive scale, with scammers targeting anyone and everyone who might be tricked into giving away their personal information.
While the accounting services sector is among the best at reporting phishing attacks, it's still taking time to get the message across. We described what a phishing attack is, how to recognise it, and what to do to prevent it from impacting your business. We highlighted the basic measures that everyone should put in place to make sure they don't lose their sensitive information, their money or even their business.
Shocking fraud data
Our audience was shocked to discover that three billion phishing emails are sent out worldwide – every day. In our country alone, Australians were scammed out of more than $634 million in 2019, of which $132 million was lost by the business community through compromised email.
These figures come from an anti-fraud initiative called Scamwatch, set up by the Australian Competition and Consumer Commission. They collected over 6,000 reports in 2019, with a view to analysing the risks, coordinating statistics and helping businesses understand what they're up against.
Email scammers are relentless, they're cruel and they're heartless. To give you one example, Scamwatch have registered more than 3,000 reports of phishing attacks using the pandemic as their theme. People who are already in fear of the effects of the COVID-19 virus are receiving emails that seem to be offering support or assistance. The result? So far, total reported losses to Australians of $1,371,000.
Why does phishing succeed so frequently?
Phishing succeeds because scammers are clever, and because people often don't think hard enough about what they're looking at before they click that all-important button. Once you've opened a phishing email, you'll be looking at a
request for personal details like passwords and financial accounts. They usually ask you to confirm this information, as if they know it already.
They don't. In an increasingly common tactic, scammers are using the logos, typefaces and layouts of well-known major companies to make their emails look even more genuine. It gets harder and harder to spot a phishing attack, but you have to be vigilant and check everything that looks even remotely suspicious.
Understanding online risks
In our presentation, we also talked a bit about the Cloud, that area of uncertainty that seems to hover over many business people’s heads. Is it safe? Is it advisable? Should we use it? We'll talk more about this in the future, along with some more in-depth information about cybercrime – and how you can prevent it from happening to you.
Along with the Australian government, we at One Technology are doing our best to keep you informed of the risks. We've published a book about Email Security, and we run training programmes to help bring people up to speed. If you don't know anything about phishing, now's the time to find out.