Source: Radio New Zealand
123rf.com
Half of small and medium sized businesses (SMEs) have been targeted by scams over the past year, costing victims an average of $5000 each time.
BNZ said its latest survey indicates a concerning gap in scam defences deployed in SMEs, as nearly half struggled to prioritise scam education and cyber training for staff.
Nearly two-thirds (64 percent) of SMEs said scam activity had increased in the last 12 months, though 45 percent did not consider cyber education a key priority.
“Technology is a vital layer of defence, but an educated team is just as important. When staff feel confident spotting the signs, they become the business’s best asset against scams and fraud,” BNZ head of fraud operations Margaret Miller said.
She said scammers were good at exploiting security gaps. Security could be breached by clicking an email link and opening a message, about 50 percent of the time.
“Business owners are alert to the danger, but they are also time-poor and juggling multiple priorities. The reality is that scammers are becoming increasingly sophisticated in their tactics.”
She said 53 percent of business owners rated themselves as “prepared” for a scam, while the data showed 49 percent of that same group still engaged with a scam attempt.
“Scammers know that breaking through technical security is difficult, so in many cases they’re bypassing the technology entirely and targeting the person sitting at the keyboard . . . targeting the busy human at the desk who is clearing invoices or answering the phone.”
She said the costs to businesses averaged $5000, but the consequences could be more significant.
“Of the SMEs that fell victim to an online scam, 21 percent suffered a business financial loss and 26 percent a personal financial loss, while 30 percent suffered data loss.
“Scammers aren’t just after your business accounts. The data shows they are often successful in targeting personal finances or the business’s data, even if they don’t manage to steal money directly from the company accounts.”
Cold calls and fake invoices on the rise
Miller said the data also indicated businesses were far more likely to be targeted by “old school” deception than high-tech hacks.
While only 2 percent of businesses were targeted by ransomware, traditional deception and social engineering scams were much more prevalent:
- 27% of businesses were targeted by cold calls requesting sensitive company information
- 17% faced bank impersonation attempts
- 10% encountered invoice scams involving altered bank details
“Scammers prey on the fact that when we’re rushed, distracted, or juggling multiple things we’re more likely to act first and think later,” she said, adding there were tools available for businesses to use, such as two-step authentication for logins, and the ability to require two separate approvals for any payment.
“We encourage all business owners to use free resources to upskill their teams – whether that is through the Own Your Online platform operated by the National Cyber Security Centre, Netsafe, or the tailored scam information for businesses available on the BNZ website.
“It is one of the most effective ways to protect your business from financial loss.”
Sign up for Ngā Pitopito Kōrero, a daily newsletter curated by our editors and delivered straight to your inbox every weekday.
– Published by EveningReport.nz and AsiaPacificReport.nz, see: MIL OSI in partnership with Radio New Zealand
