Input search
Search service error

 

Protect your business: how to spot and stop a scam

 

Avoiding scams is an everyday reality for Australian businesses. That’s why we’ve put together a simple guide to spotting and stopping a scam before it starts, to help you stay one step ahead. 

 5 minutes

Three common scams to watch out for 

 
Swipe for more
Technology icon
1. Beware of business email compromise (BEC)

BEC is a sophisticated scam that’s becoming increasingly difficult to detect. It involves a scammer or fraudster gaining unauthorised access to a business’s email account, allowing them to impersonate employees, including senior leaders. 

The scammer’s goal is to trick you or your customers into transferring money to a fraudulent account. Often, the scammer will fake an urgent payment request from a normally trusted email address. 

You should always independently verify any payment requests, especially those that are unexpected, significant, or involve new banking details. You should advise your customers to do the same.

People talking icon
2. Scammers in disguise: the impersonation trap 

The goal of an impersonation scam is to trick you into thinking you’re dealing with a trusted organisation or supplier. Scammers often take advantage of the volume of emails and invoices a business receives day–to-day, hoping theirs will slip through the cracks. 

Make sure you verify payment or information requests independently, and if in doubt, verbally confirm these details using a trusted phone number – not one provided in the suspicious message, email or invoice. You should advise your customers to do the same.

Remember, the organisations and suppliers you work with can experience BEC, so it’s important to verify unexpected requests, even if they come from a trusted email address. 

Finger pointing icon
3. Don’t take the bait: phishing scams 

Phishing is also a form of impersonation, involving scammers impersonating legitimate organisations, such as banks, government agencies, or even your own suppliers, via email, SMS, or phone call. 

The scammer’s aim is to trick you into revealing sensitive information such as bank or payment details, passwords, or customer data. It’s important to think before you click. Is the request unusual, urgent, or out of character? If something doesn’t feel right, trust your instincts and don’t respond.

  

Steps to help stay secure 

When it comes to Australian businesses staying safe from scams, it’s not a set-and-forget. Maintaining vigilance, having clear processes and keeping knowledge up to date are all important parts of staying secure. Make sure you: 

Always verify payment requests

Verbally confirm any request to change bank account details with a known contact – and never use the details provided in the suspicious message. Remember, while tools like Confirmation of Payee are helpful in matching a payee’s details to the correct person or business, independent verification is still a key part of staying protected. 

Provide regular training 

Everyone is a target for scammers in a business, including client-facing or administration staff who handle payments or high volumes of emails and phone calls. It’s important to foster a culture of caution, and encourage your team to verify, question, and double check anything unusual. 

Secure your systems

Your technology and software are important lines of defence. Make sure it’s kept up to date, and wherever possible, enable two-factor authentication as an additional layer of protection. You can also consider trusted software that monitors for malicious activity and phishing attempts.

Stay wary of unsolicited contact

Treat unexpected emails, text messages, or phone calls with suspicion, especially if they create a sense of urgency or pressure you to act quickly. Scammers often rely on panic and fear to get access to data or payment information.

You can stay one step ahead 

Scams are an unfortunate reality for Australian businesses, but with awareness and proactive measures, you can reduce your risk. Regularly review your processes, educate your team, and stay up to date on the latest scam tactics. By making security a priority, you’ll help keep your business safe.

Additional Information

The information in this article was finalised on 28 November 2025.

This article was prepared by Macquarie Bank Limited ABN 46 008 583 542 AFSL and Australian Credit Licence 237502 and doesn’t take into account your objectives, financial situation or needs – consider if right for you. The information provided is informed by resources published by the ACCC’s ScamWatch and the National Anti-Scam Centre.