Costly Email Scam Leaves Business Paying Twice – How to Protect Yours
Cyber scams targeting small businesses are on the rise, and a recent court case serves as a wake-up call for business owners. In Mobius Group Pty Ltd v Inoteq Pty Ltd [2024] WADC 114, an Australian business lost $191,859 in a Business Email Compromise (BEC) scam—only to be forced to pay the invoice again.
What Happened?
Cybercriminals hacked an electrical contractor’s email system and intercepted an invoice sent to a client. The scammers altered the bank details and sent a fraudulent email requesting payment to their own account. Believing the email was legitimate, the client transferred the funds—only to discover later that the real supplier had never received the money.
The Court’s Decision
The court ruled that the business that made the payment (Inoteq) was still liable for the invoice, as the fraud was due to an external cyberattack rather than the supplier’s actions. This decision reinforces that businesses remain responsible for payments even if they fall victim to scams.
How to Protect Your Business
BEC scams are becoming increasingly sophisticated, but businesses can take steps to minimise their risk:
✅ Verify bank details – Always call a verified contact before transferring funds. Never rely on email instructions alone.
✅ Use multi-factor authentication (MFA) – Adding an extra security layer makes it harder for hackers to access email accounts.
✅ Train employees – Staff should be educated on phishing scams and email fraud to recognise warning signs.
✅ Enhance email security – Spam filters and domain protection measures can help prevent scam emails.
✅ Review financial processes – Regularly audit your security practices to identify and fix vulnerabilities.
Why This Matters for Small Businesses
Small businesses are prime targets for cyber scams due to lower levels of cybersecurity. This case highlights that paying an invoice doesn’t necessarily mean your obligation is fulfilled if scammers are involved. Prevention is key to avoiding costly mistakes.
Investing in cybersecurity training and robust financial controls can help businesses stay ahead of cybercriminals and protect their hard-earned money.If you would like more information on how to do this, please contact the Gunnedah Chamber of Commerce.
📢 For more insights and business updates, stay connected with the Gunnedah Chamber of Commerce.
Comentarios