Cyber criminals scamming businesses of Sydney and the Illawarra out of millions

CYBER CRIME: IT&T ICT Project Manager Dr Sashah Eftekhari, PhD, says small and medium sized businesses need to protect themselves against digital scammers.
CYBER CRIME: IT&T ICT Project Manager Dr Sashah Eftekhari, PhD, says small and medium sized businesses need to protect themselves against digital scammers.

Story in partnership with IT&T.

The small to medium sized business sector is an integral part of the Australian economy. They are also prime targets for cyber criminals and online scammers.

Cyber crime is a major problem in Australia. In fact,the Australian Cyber Security Center received over 67,500 reports in the last financial year, which equates to one reported cyber attack every eight minutes, with self reported losses of more than $33 billion.

Small to medium sized businesses are frequently the targets of these types of scams. That's why both government agencies and cyber security experts are warning business owners to take the necessary steps to protect themselves against these criminals.

Dr Sashah Eftekhari, PhD, is an ICT Project Manager who specialises in Cyber security for a leading Illawarra based MSP, IT&T. He works at the vortex of this issue everyday and says scammers frequently target small to medium sized businesses because they're often unaware of the vulnerabilities in their networks.

The scammers are also becoming increasingly sophisticated in their methods, he warned, that's why it is essential to invest in your cyber security and seek the support of a trusted expert who can maintain and protect your network.

"There are many inlets that malicious authors try to exploit to gain access to remote systems," Dr Eftekhari explained.

"The most common scams we are seeing of late are Business Email Compromise (BEC) scams that are increasing in sophistication."

A BEC scam is when a criminal uses email to impersonate legitimate sources and abuse the trust people have in ordinary business practices.

They do this by impersonating business representatives - by using similar names, domains or fraudulent logos of legitimate organisations - or by using a compromised email account to present themselves as a trusted co-worker.

They can then scam business owners into paying fraudulent invoices; commit identity fraud; gain access to bank accounts; or even negotiate phony business deals, whereby they take possession of goods before paying for them.

BEC scams account for nearly seven percent of the cyber crimes reported in the 2020-21 financial year, with self-reported losses totaling approximately $81,450,000.

"Often these scammers will position themselves as well known legitimate outlets such as the Australian Postal Service/Service NSW/RTA and use scare or shock tactics to motivate the recipient to act quickly," Dr Eftekhari warned.

"Another common exploit vector uses botnets that target business domain names to brute force access to email accounts. Once access is acquired, these accounts are then sold on the dark web, where sophisticated scams are ran against those accounts," he said.

"We've seen these scammers go as far as monitoring an email for several weeks so they can learn how to appear legitimate and send fabricated invoices from the compromised accounts."

Dr Eftekhari says one of the worst BEC scams he has encountered involved a business account with no multi-factor authentication.

"Logs showed that the account had been camped on for several months so that the actor could successfully mimic the company's business processes in a legitimate way," he said.

"They went to great lengths to doctor an invoice from a legitimate client with altered account details. The compromised account holder then unwittingly paid the bill, for over $50,000!"

Shortly afterwards, the account was closed and - to the best of his knowledge - the client is still trying to recover their money. However, it is highly unlikely they will be able to do so.

Another common scam facing businesses is Ransomware Attacks. Ransomware is a type of malicious software (or malware) that gets into your device and makes either your computer or its files unusable. The cyber criminals then demand you pay them to get back your access.

In one of the worst cases Dr Eftekhari has encountered, a business was targeted after their network was compromised due to inadequate security provisions on their remote access.

"Their entire network was crippled, fortunately they had backups. However, due to a passive DR plan... (it resulted) in four days of complete data loss," he said.

Desperate, the business owners paid the ransom, to little avail. Their Bitcoin was stolen and they had no way of recovering it.

"(The attack) resulted in around two days of complete downtime, with IT engineers working until midnight on both days to get the site operational again," Dr Eftekhari said.

"Six months later the business closed. We believe the cyber incident was a factor as we understand they lost clients and struggled to acquire new ones as a result of the loss of trust caused by the breach."

Dr Eftekhari says both of these incidents could've been avoided had the businesses had the right cyber security measures and a trusted expert in place to keep their processes relevant and up to date.

Neither had engaged managed services with IT&T prior to the attacks, he said. By the time they took action, the damage had been done.

If there is one lesson for business owners, he says, it is that there is no "common sense" approach to avoiding scams in the digital age, they are simply too sophisticated. That's why you need to protect yourself before they happen.

"There are no shortcuts and obvious red flags to look out for in today's IT landscape, there are simply too many vectors of vulnerability to truly be safe," he said.

"As a first port of call, small and medium sized businesses need to get in touch with a trusted expert and have their business aligned to the ACSE's Essential Eight framework," he continued.

"And, should they not engage with ongoing professional managed IT services, they must have a plan in place to regularly revisit and maintain and audit IT security across their business."

IT&T offer a wealth of services to ensure that all clients who adopt a managed service comply with the ACSEs Essential Eight framework, at minimum.

For new clients, during the new customer onboarding process, they also conduct a thorough audit. This ensures any potential weaknesses across the network are brought to light and the client has the opportunity to resolve them constructively.

For more information visit: https://itt.com.au/

This story Cyber criminals scamming businesses of Sydney and the Illawarra out of millions first appeared on Illawarra Mercury.