“Australian organisations are encouraged to urgently adopt an enhanced cyber security posture. Organisations should act now and follow ACSC’s advice to improve their cyber security resilience in light of the heightened threat environment.”
This ominous warning from the Australian Cyber Security Centre (ACSC) comes following the attack on Ukraine which has resulted in a heightened cyber threat environment globally and, as a result, the risk of cyber attacks on Australian networks, either directly or inadvertently, has also increased.
As a business owner or individual agent, you can no longer leave cyber security just to your IT department and hope they’re doing everything required to prevent attacks on you and/or your business. You and your staff also need to be aware of what to look out for to avoid being scammed – possibly resulting in a loss of data, money or both.
If an attack successfully infiltrates your cloud-based accounting or trust accounting systems (and who doesn’t use cloud-based everything nowadays!?), scams can also result in a loss of revenue for your clients as well.
Facebook Scam Alert
An email has been making the rounds recently, reporting to be Facebook, with a message that your Facebook Page has violated Facebook’s rules. The email states that in order to stop your Page from being suspended, you need to lodge a claim via the link provided in the email.
The obvious, but not so obvious, giveaway that this is a scam is the ‘from’ email address -> @post.xero.com. You might not notice it at first glance as the email itself is formatted very similarly to a Facebook support email. But it’s not from Facebook at all – it’s a scam.
By following the instructions in the email, you are risking your Facebook, Instagram and (possibly) Xero accounts being compromised.
What to do if you receive this email:
- Don’t click on any links and don’t forward it to anyone
- Mark the email as spam and delete it
- Make your team aware of the email and advise them to follow these same steps if they receive the email
If you have received this email and you inadvertently clicked on the link and followed the instructions in the email, we’d recommend changing your passwords on all of your Facebook-related assets (Facebook, Instagram, Whatsapp etc) as well as Xero immediately and turning on two-factor authentication for all users who can access these accounts.
If you want to be sure that there are no issues with your Facebook Page, you can check the status of your Page via the Page Quality tab when logged into your Facebook Page. If there are no restrictions or violations showing up here, this is yet another telltale sign that the email above is a scam.
You’ve worked hard to get your business to where it is today, but one successful cyber-attack could be all it takes to cause significant damage to your organisation and reputation. Cyber threats are becoming more sophisticated with advances in hacking, malware and social engineering techniques. One security breach could corrupt your business’s critical data, causing financial loss, reputational damage and liability to third parties.
Do you have everything in place to protect your business as best you can? I certainly hope that you do, or that you will.