Cybersecurity Risks and Scams: How to Guard Against Them

Cybersecurity Risks and Scams: How to Guard Against Them

The federal government is advising Australians to be extra vigilant regarding online scams due to an increase in fraudulent activity during the COVID-19 pandemic.  

The government has also finally unveiled its delayed cybersecurity strategy this month but left much of the detail to forthcoming legislation that is yet to be put before parliament. 

According to ACCC’s agency Scamwatch, scammers have used the threat of COVID-19 to prey on vulnerable people across Australia. Approximately over $1.3m in losses have already been reported, as a result of COVID19-themed scams.

Scammers have concentrated on targeting both individuals and businesses through a variety of methods, including emails, text messaging, social media, phone calls and fake websites.

An important method of self-protection is to be aware of how they operate and to stay informed on the variety of deceitful approaches: 


Phishing involves sending fake emails or text messages that look official but are in fact impersonations. The messages are designed to extract information from the recipient or to get them to respond in some way. 
During COVID-19, scammers have been sending out emails that look like they are from government agencies, banks, well-known companies, or retail chains. These will often make offers of money, assistance or free products, or else inform the recipient they have an appointment for COVID-19 testing. In some cases, people have received emails asking for payments of goods they didn’t buy. 

It’s important that you do not respond to these types of messages if you receive them. They usually contain attachments designed to steal personal and financial information from you.

The problem with phishing emails is they look like the real thing and trick even the most discerning individual if they’re caught in a moment of confusion.  

However, if you look closely there are telltale signs such as spelling errors, or unusual website URLs and/or email addresses. 

To be safe, NEVER respond to any email asking for your personal or financial information no matter how ‘real’ they look. If you have concerns, ring your provider directly to double check if they’ve sent anything. If not, it’s a scam.  
Some scammers have been setting up stores selling COVID19-related products. These include medicines, face masks or even bogus vaccines. 
Often they will request payment by unusual means – such as electronic currencies, money orders, or wire transfers. 
If you spot online stores you think may be scams, you should report it to Scamwatch immediately.  

A business scam often comes in the form of an email from one of your suppliers asking you to change their bank account details on your system. 
If you get an email of this kind, you should contact the supplier company directly (from a phone number obtained from their legitimate website and NOT from the email) and check whether they actually sent you the email before taking any action.  
Lately, many people have been drawing money from their superannuation accounts as a result of the pandemic and financial hardship. This has led to scammers targeting individuals offering to help them access their funds.  
Many of these scams come in the form of phone calls from someone claiming to be from a superannuation fund. 
However, it’s very unlikely that your superannuation fund would call you and offer assistance of this kind. If you get a call like this, do not engage but hang up immediately. 

If you are an accounting firm, it is your responsibility to warn your clients about these current scams, which may be putting superannuation funds at risk.  

There are a variety of high-quality, protective security measures available in the IT marketplace if you choose to install them and guarantee your business’s cyber integrity.  

Other risk management measures include using two-factor authentication, avoiding use of the same password for different sites, regularly updating software and installing effective antivirus protection. 

Our previous blog post on CyberSecurity contains more detail on how to protect your business against scams and online attacks. For more information on how to better protect your business, please contact us directly for detailed advice.   

Additional information on scams can also be found on the ACCC Scamwatch webpage

Stay safe!