It’s an unfortunate fact that small business owners are regularly the target of scammers – trying to take their money, business contacts, or business or personal identification details.

Scammers often pretend to be from a government agency, like the Australian Taxation Office (ATO), or a well-known company you may have heard of, such as Telstra. Their aim is to scare you into parting with your money or valuable information and if you don’t, they may threaten you with fines, disconnecting your internet, taking you to court, arrest or even deportation.

Here are some tips to help you protect your business from scammers.

Common scams targeting small business

During the 2022-23 financial year, the average reported cost of cyber crime for small businesses was $46,000 according to the Australian Cyber Security Centre.

Scamwatch explains the most common types of scams relate to:

  • impersonation
  • investments
  • products and services
  • threats and extortion
  • jobs and employment
  • unexpected money

Action to take

Read the National Anti-Scam Centre’s The Little Black Book of Scams to learn more about the ways scammers can contact you, how to protect yourself and where to find help.

How to protect your business from scammers

If you’re unexpectedly contacted or threatened by someone claiming to be from a government agency or trusted business the most important thing to do is stop and check if it’s the real deal.

  • Don’t be pressured into acting quickly. While this can be hard if you have someone on the phone making threats, taking a step back and allowing yourself time to check details can help you realise that a call or message is actually a scam.
  • Contact the organisation or government agency independently to verify that they actually contacted you. Use the organisation’s contact details from a legitimate information source, like their official website. Never use the contact details provided by the caller or in the email unless you have verified that they are correct.
  • Ignore threatening emails or voicemail messages asking you to call someone back. If you do, the scammers may increase their intimidation and attempts to get your money.
  • Never send money or provide your bank account details, credit card details or other personal or business information to anyone you don’t know or trust, especially over the phone or via email.
  • If a customer or supplier emails you to change their delivery or payment details, phone them to confirm this change. We’ve heard from many small business owners who have been caught out by scammers sending them false billing scam emails, which has resulted in them making large payments to scammers, thinking that they were their supplier.
  • Enable ‘multi-factor authentication’ on your smart phone or online payment systems (if available). Multi-factor authentication provides an extra layer of security for your smart phone and when you make payments as you’ll need to carry out two actions (eg. enter a password and provide a code which was sent to you via text message) to confirm that this is the correct device and you are the account owner.
  • Remember that a government agency or trusted business will never ask you to pay by unusual methods such as with gift vouchers, iTunes cards, wire transfers or bitcoin.
  • Don’t open suspicious text messages, pop-up windows or emails and don’t open attachments or click on links – just delete them.
  • Never provide remote access to your computer if you’ve been contacted unexpectedly by phone, pop-up window or email, even if they claim to be from a well-known company like Telstra, Microsoft or an Internet Service Provider (ISP) like iiNet.
  • Make sure your employees are aware of the risks of scams and let them know what you expect them to do if they are contacted by a potential scammer.

More information

The Australian Cyber Security Centre's resources for business has a rundown on the online security practices you can put in place to protect your business.

The Scamwatch website also has a range of information and advice to help protect you against scams. This includes tips for small business owners, a guide explaining the help available to scam victims, and an online scam reporting tool.

Legal and risk
27 November 2023