Increasing Email Security to Avoid Business Email Compromise

The end of financial year and tax return time is a key opportunity for scammers looking to prey on the unwary.

July 12, 2022

The Australian Cyber Security Centre (ACSC) has released advice warning citizens to strengthen their email account security to protect against Business Email Compromise. This is where an attacker will imitate business emails or compromise legitimate business email accounts to provide malicious information to clients.

Some examples of Business Email Compromise:

- Account compromise: a legitimate business email account is compromised and the attacker uses this trusted account to send malicious emails.

- False invoice: attackers send convincing but falsified invoices featuring fraudulent bank details that actually belong to the attacker.

- CEO/Executive fraud: an attacker will present themselves as your company’s CEO or other Executive and request funds be transferred or invoices be paid to a fraudulent account.

Furthermore, the ACSC has provided simple guides on how to secure Google and Microsoft based email accounts.

If you are currently using an email service that cannot be strengthened using the methods suggested by the ACSC, we would strongly recommend you consider migrating to a secure alternative. 

If you or your business have any questions or comments about email security, please feel free to reach out to us.