20th July, 2023
At MYOB, we understand the invaluable role we play in helping your business thrive.
As an industry leader in business management solutions, our commitment encompasses the safety and security of your business data — a responsibility we take very seriously.
Recently, there has been a surge in phishing attacks globally. These cyber threats are not directed at a specific business sector; they affect everyone — SMEs, start-ups, and individuals alike.
This is why we deem it crucial to equip our customers with knowledge about these attacks, how to recognise them and how to protect against them.
Tara Whitehead, MYOB’s Security Engineering Lead, says the best place to start is maintaining good cyber security habits.
“The first step to avoid falling victim to a phishing attack is to always remain vigilant,” she says.
“If an email or message seems suspicious or too good to be true, it more than likely is. Look for the signs, such as misspelled words, urgent language, or requests for sensitive information.
“Never click on a link or download an attachment from an unknown source. Cybercriminals often hide malware in seemingly harmless files or links. If you’re unsure about the origin, it’s better to err on the side of caution and avoid interacting with it.”
In 2021-22, the Australian Cyber Security Centre (ACSC) received over 76,000 cybercrime reports, an increase of nearly 13 per cent from the previous financial year. This equates to one report every 7 minutes.
The ACSC’s Cyber Security Hotline received over 25,000 calls, an average of 69 per day and an increase of 15 per cent.
Because of this spike in cybercrime, there was a concurrent increase in financial losses due to business email compromise (BEC) to over $98 million, an average loss of $64,000 per report.
This saw a rise in the average cost per cybercrime report to over $39,000 for small businesses, $88,000 for medium businesses, and over $62,000 for large businesses, an average increase of 14 per cent.
Phishing attacks primarily aim to trick you into sharing sensitive information like usernames, passwords, credit card details, or business data.
They commonly masquerade as trustworthy entities, often mimicking the look and feel of legitimate emails, messages, or websites.
“The best defence against phishing attacks is education and awareness,” Tara says.
“Understanding what phishing looks like, how it works, and how to report it can significantly reduce your risk of falling prey to these schemes.”
Identifying a phishing attempt is the first line of defence. Key indicators can include:
As a part of our dedication to cyber security, we have taken several proactive measures to protect and defend our systems and services:
Secure platform: MYOB employs state-of-the-art encryption technologies to help keep data as secure as possible. We adhere to the best practices in data storage and continually enhance our security infrastructure.
Constant vigilance: Our team of dedicated security experts works tirelessly behind the scenes to monitor any potential threats and immediately respond to identified risks.
Regular updates: To keep up with evolving cyber threats, we constantly update our systems and incorporate cutting-edge security features. Regular software updates are an integral part of this strategy.
Multi-factor authentication (MFA): This is an extra layer of security to protect against unauthorised access, which may help protect against hackers.
There are also preventative measures we strongly recommend you take that are equally important to protecting you and your business.
Knowledge is power. Staying updated about current cyber threats and security measures can go a long way.
Knowing what to look for is also crucial. Cybercriminals often prey on haste and fear, using urgent-sounding messages to manipulate people into sharing sensitive data.
If a message instils a sense of panic or pressure, take a step back and verify its authenticity.
“Always use multi-factor authentication when it’s available,” Tara says.
“Even if your password is compromised, two-factor authentication creates an additional line of defence.
“Updating your software as soon as updates are made available is also vital. Updates often contain security enhancements and fixes that patch vulnerabilities, helping keep your data secure against new forms of attacks.”
In case of a suspected phishing attack, it’s crucial not to engage.
Report the incident to your manager and, where applicable, your organisation’s IT department and, if relevant, to the entity being impersonated. Change your passwords immediately if you suspect they may have been compromised.
If you believe you’ve been impacted, it’s also a good idea to consider letting your customers know to be alert for any possible scam emails puporting to be from your business.
“After a cyber-attack, it’s natural to feel violated,” Tara says.
“It’s important to remember that you’re not alone. Reach out to your bank and the appropriate authorities. They have procedures in place to help victims of cybercrime.”
You should also report the attack to the ACSC immediately via email (asd.assist@defence.gov.au) or by calling the Australian Cyber Security Hotline on 1300 CYBER1 (1300 292 371).
We’re committed to safeguarding your business operations, and we continually strive to deliver a safe, secure experience.
“Our continuous monitoring and immediate response to potential threats demonstrates our dedication to keeping the MYOB platform safe,” Tara says.
“We’re invested in educating customers about potential threats, helping them stay informed, and empowering them to help safeguard their own data.”
Cyber threats like phishing attacks can cause significant disruption to a business, but by staying vigilant and implementing robust security measures, we can collectively mitigate these risks.
We view data security as a joint venture between us and you, our valued customers.
Cyber security isn’t just about having the right tools, but also about maintaining a proactive and informed stance. Stay vigilant, stay informed, and stay safe.