It has been revealed in the Small Business in Focus Report #12 that during the first half of 2016, the Australian Competition and Consumer Commission (ACCC) has received more than 7,600 enquiries and complaints from small businesses. Their main problem was ransomware by way of Cryptolocker that have been disguised in emails from reputable companies such as AGL Energy Bills, the Office of State Revenue (OSR), Australia Post, the Australia Taxation Office (ATO), Woolworths and more. The emails mislead small businesses by claiming false bills and fake vouchers.
“An emerging scam posing a threat to businesses is the business email compromise scam (fake CEO scam). It usually involves a fake instruction from someone pretending to be the CEO or other senior staff member, advising changes to payment arrangements for a supplier and redirecting invoice payments to the scammer,” stated the report.
“The number of small businesses contacting the ACCC with concerns has risen steadily over the past few years. The current review of the Australian Consumer Law (ACL) provides a valuable opportunity for small business to speak up and ensure that their concerns are taken into account during that process. Concerns about changes to new credit card surcharging laws in September, and new changes to the ACL that will extend protections from unfair contract terms in business-to-business dealings in November are expected to generate significant interest from the Small Business community,” said Dr Michael Schaper, The ACCC deputy chairman.
A few tips to help you stay protected:
- When attempting to open it on your phone or MAC devices, it will give an error to use a Windows computer
- The .zip file will be suspicious
- Ensure that your backups are working and you have a rotating set of drives or tapes
- Ensure your Antivirus is up-to-date
- Be aware of any emails that ask you to reply quickly or act fast
- Alert users to new malware campaigns immediately.
- If the email is from someone you do not know, do not open it
- Implement effective email security tools and policies, such as blocking executable or zipped attachments from unknown senders, or setting email filtering rules.
- Prevent downloading executable or zipped attachments via HTTP/HTTPS connections.
- Microsoft Essentials, AVG, and other free AV products should not be used
- Isolate infected endpoints from the network as soon as possible
- Subscribe to alert services such as Australian Government’s Stay Smart Online, which updates on the latest trends in our region.
If you have received this email and have any urgent concerns regarding this issue, please contact Interlinked on 1300 302 207.