As businesses become smarter and the technology behind them more sophisticated, scammers too become cleverer in the ways they try to siphon off your money.
According to the Australian Payments Clearing Association, fraud transactions amounted to $412 million in lost money in the 2015 calendar year, through almost 1.9 million scams. We may think we're getting smarter and more alert to the potential of a fraudster, but last year saw a rise of more than 150,000 fraud transactions compared to the 2014 calendar year.
It means over the past two years, over $800 million has been lost in payment fraud alone – a risk that every organisation in Australia will want to avoid. What many business owners may not know is that many scams can be avoided through simple information management.
Here are three current scams to watch out for.
1) False billing
False billing is basically when a fraudster gets in contact with a business claiming to be a debtor. Usually done over telephone, mail, email or fax, the person in question will say the target company owes them money for goods or services they have provided.
They will then present you with an invoice for these fictional products in the hope you won't double check your records. Usually only done in small amounts, it's a way for them to take modest quantities of money from you and your organisation with minimal effort.
Still, the Australian Competition and Consumer Commission says that $616,239 was stolen from businesses nationwide in 2015 through false billing, with 4,103 reports lodged against the unsavoury practice. There is also a rather large success rate, with almost one in 10 reports leading to financial loss.
The key here is that the scammer assumes you are too busy to bother checking whether these invoices are real, and that your information structure makes it too time-consuming for you to find out. With simple information governance throughout the organisation, it wouldn't take too much time to spot a false bill and tell the person where to go.
Fraud transactions amounted to $412 million in lost money in the 2015 calendar year, through almost 1.9 million scams.
2) Tech support scams
This method is used to destroy your IT architecture, which, as you can imagine, could be catastrophic to business continuity. The scammer will get in contact pretending to be from a reputable tech company (often Microsoft, considering the number of businesses that use the brand's products).
They will claim you have an issue that needs resolving, and will get to work on extracting sensitive information that will grant them access to your IT network. Once in there, they can cause all sorts of havoc, including hacking into your banking details.
The first important thing to know is that, in the company's own words, "Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes".
The second is regarding your data security. Information might be one of the most valuable assets you have, so the structured governance you place around who has what information and whom they are allowed to share it with should be in place for true risk management.
If you or your employees do end up sharing sensitive details with a hacker, information management also helps to improve business continuity through disaster recovery and lessen downtime.
3) Advertising scams
Scammers can contact businesses claiming to be from a magazine or directory in which you purchased advertising – often months prior.
Often, they will ask you for a "special code" or a word, which they will then use against you as proof that you had indeed paid for this fictitious advertising opportunity. To make you panic, they can also claim the magazine is about to go to print, so need the money straight away.
The scammer hopes the person they're speaking to assumes someone else booked this advertisement, or that they did and simply forgot, so they can extract money or bank account details from you. They will even claim to be from reputable magazines to make it more confusing.
Obviously, you won't want to identify a real magazine with whom you work as a fraudster, so the ability to find accurate records (emails or other correspondence) will help in your endeavour to stay safe.