It is well reported that cybercrime is growing faster than any other crime in the world and has a global value of $600 billion. One in two businesses say they have been the victim of economic crime or fraud in the past, according to a PriceWaterHouseCoopers (PwC) survey published in June 2018 of more than 7,000 organisations across the globe.
The estimated cost of BEC in Australia alone is $1 billion per annum.
In the PwC survey, of the respondents who considered cybercrime the most disruptive form of crime, 14% had lost $1m or more. And experts have reported that approximately 90% of cyber frauds begin with or involve an email.
In that context, eftsure, has partnered with Crime Stoppers NSW in an effort to curb cybercrime with a particular focus on one specific and fast growing aspect of cybercrime – Business Email Compromise (BEC) – a fast growing online scam putting Australian businesses in Australia and overseas at risk.
BEC is a damaging form of cyber fraud. It takes advantage of a gap in payment systems and uses social engineering (rather than technology) to dupe businesses into believing supplier bank account details have changed. This leads to them paying into the wrong account. The result is devastating financial loss that is extremely difficult, if not impossible to recover.
There are few, if any, singular tools to prevent losses from BEC, however eftsure, in uniquely being able to flag erroneous or fraudulent payments before they’re made, is one such tool and a powerful preventative measure. Established in 2016 and founded by a team of banking technology and accounting professionals – Mike Kontorovich, Ian Mirels and Mark Chazan – eftsure provides specialised technology to businesses to validate the integrity of their payment data, raising an alarm before payment is made into the wrong account. To date, eftsure has protected over $3.5 billion in payments in Australia.
When running a BEC scam, fraudsters don’t attack a company directly but rather infiltrate its suppliers’ e-mail systems so that they can send what appear to be real invoices to the targeted company. The invoice is sent from a legitimate address and contains what looks to be a legitimate invoice. However, the bank account details will have been changed. Because the banking system does not allow for account names to be checked against BSB and Account Numbers at the time of payment, companies are unknowingly making payments to the hacker’s account.
“The explosive growth in business payments fraud is fuelled by a perfect storm of social engineering, identity fraud and gaps in payment systems. Businesses aren’t paying who they think they’re paying”.
eftsure’s CEO, Mike Kontorovich
“No one is immune, from small business to large corporations BEC scams are hitting Australia at an alarming rate. These scams are highly sophisticated and financial software systems just can’t keep up. Once payment is made into a fraudulent account it is almost impossible to retrieve,” Mike Kontorovich said.
eftsure advises business owners to undertake four key measures. Firstly, stay up to date on the latest scams and ensure your employees, colleagues and trading partners are also aware. Secondly, implement security hygiene by never sharing passwords acrossmultiple sites or never using weak passwords. Thirdly, establish protocols such as separation of duties and independent verification to bank details. And finally, use new digital tools to enhance payments security.
Know Your Payee solution
eftsure’s “Know Your Payee” technology works with any Australian bank and provides businesses with rich data on suppliers in real-time, raising a red flag if account details are unusual. Leading Australian companies in every major industry from schools to ASX Top 50 enterprises have already signed up for eftsure’s Know Your Payee payments protection service. It’s a small investment that could prevent thousands, if not millions in losses and offers peace of mind.
Director & CEO for Crime Stoppers (NSW), Mr Peter Price AM said, “The extent and growth of cybercrime is staggering and it is transnational by nature so in most instances the perpetrator is offshore. This makes it difficult to investigate, charge and arrest then add the complication of extradition. With all this working against us, the clear opportunity is to equip ourselves better from becoming a victim in the first place. It makes sense for Crime Stoppers to team up with eftsure who can help prevent this crime, making businesses safer and owner operators smarter”.
“The digital world has changed the business landscape. We are solving problems that were historically unsolvable. There is now no need to be ok with the risk and error your company has previously lived with,” added Mike Kontorovich.
Crime Stoppers NSW and eftsure have embarked on an awareness campaign involving workshops, events and marketing, to prevent BEC cybercrimes before they impact Australian businesses.