Beware of Christmas Cyber Scams

December 16th, 2021

It’s been a tough year for many businesses out there coping with COVID-19 restrictions and supply chain delays. The last thing any business owner needs is to fall victim to an online Christmas scam!

But unfortunately, scams are on the rise in Australia. According to the latest figures from the Australian Cyber Security Centre, there is now a cyber attack every 8 minutes in Australia.

Learn how to protect yourself from the most common cyber attacks on businesses.

Business email compromise

Business email compromise is where cybercriminals use a fake email domain that looks similar to the genuine email domain of a business. They do it to impersonate employees or the organisation itself to gain the trust of unsuspecting victims. Common examples of business email compromise scams include:

The scammers send fake invoices, and recipients are fooled into transferring money into the scammers’ bank accounts. While this doesn’t directly affect the business financially (only the unsuspecting victims), it can inadvertently damage the business’ reputation in the victim’s eyes. They may associate the scam with the organisation, even though there is no legitimate connection.

  • Asking for employees’ bank details

The scammers impersonate a person in the organisation by sending an email to the business owner or payroll manager containing a change to their bank account details. Of course, the new account details are the scammer’s accounts, and the targeted employees’ next salary or wage payments can be deposited into the scammer’s account. They will have disappeared by the time the scam is discovered.

This scam directly affects the business financially because they will still have to pay their employee the scammed amount.

  • Ordering Goods

The scammers order goods from suppliers by impersonating the business via email. The goods are sent to the scammer’s temporary address, and the legitimate business is invoiced. By the time the scam is discovered, both the scammer and the goods are long gone.

Again, this scam directly affects the business financially because the supplier still has to be paid for the goods supplied.

  • Christmas e-cards

Businesses are moving towards e-cards rather than traditional cards. It’s efficient and cost-effective, however, it provides another opportunity for scammers to get creative. 

Be wary about opening any e-cards you receive, as they can contain viruses or malware designed to steal data from you.

How to protect yourself against business email compromise

Australian Cyber Security Centre statistics show that the average business email compromise scam costs businesses $50,600.

The best ways to protect yourself against business email scams are to:

  • Never open unsolicited emails. Delete them immediately!
  • As fun as they may look, exercise caution when opening e-cards, even if they appear to have come from someone you know. Never click on any links or open any attachments in these emails.
  • Keep your computer updated with the latest anti-virus and anti-spyware software, combined with an up-to-date firewall.
  • Always double-check a requested change to an employee’s bank account details before they are entered into your payroll system (for example, by phoning the employee to check that it’s a legitimate request).
  • Negotiate with your suppliers to send invoices for approval prior to delivery.


Ransomware is malicious software that targets computers and computer systems and makes them inaccessible or unusable. Once your computer or system is infected, the scammers demand a ransom for you to regain access. However, there’s no guarantee that you will regain access, even if you do pay the ransom.

The most common ways that your computer or system can become infected by ransomware are by:

  • Visiting unsafe websites.
  • Opening links in emails or social media from unknown sources.

How to protect yourself against ransomware

The Australian Cyber Security Centre receives at least one new ransomware report every day. The best ways to protect your business against ransomware are to:

  • have appropriate cyber security measures in place (such as up-to-date anti-virus software and firewalls).
  • Regularly back up your business data and store it in the cloud.
  • Avoid visiting unsafe websites (safe websites have a green tick beside them when you search for them in Google to indicate that the site is secure).
  • Avoid opening links in emails or social media from unknown sources. 

With the number of cyber security threats to businesses increasing, it’s crucial to take steps to make sure your business is secure all year round. Changing your processes and ensuring you have appropriate protection software on your computers can help to protect you from these costly scams.

Earlypay has supported Australian SMEs with fast and flexible alternative funding solutions for more than 20 years. Our invoice finance, and asset finance  products allow business owners to proactively manage their cash flow, freeing up your working capital for investing in growth. To chat about whether our solutions could be right for your business, please call us on 1300 760 205.

Earlypay_Email CTA Banner-01-03

If you'd like to learn how Earlypay's Invoice Finance & Equipment Finance can help you boost your working capital to fund growth or keep on top of day-to-day operations of your business, contact Earlypay's helpful team today on 1300 760 205, visit our sign-up form or contact [email protected].