Australian business is experiencing significant pressure under the current pandemic.  We recently released a paper summarising common ways that fraud can impact businesses. This is a brief update to that, reinforcing the need for all businesses to be aware of how criminals may use the current crisis to target businesses.

With much of corporate Australia’s employees now moving to a new set of business practices and processes, the risk of exploitation of new processes may be elevated.

Text messages

NAB is aware of Coronavirus-themed SMSs delivering malicious software to smartphones. The text messages may purport to be from legitimate organisations and request you to click on links or open attachments.

This software is typically designed to steal banking credentials.  A sample of one such SMS is below:

Emails

Phishing email campaigns have been emerging over the last few weeks also, with criminals posing as organisations such as the Centre for Disease Control (CDC) or World Health Organisation (WHO) representatives. These emails can look legitimate, however are all trying to attract more clicks from possible targets.

For large corporate teams, if staff are unwittingly clicking on links, or downloading documents from these emails or text messages, it puts the business at risk of email system breaches, password compromise, invoice fraud, ransomware attack, or dealing with a long term data breach.

Spotting suspicious messages

There are usually a few red flags that can help you spot a suspicious message. These tell-tale signs of a suspicious message include:

• Not from a known email address;
• No greeting – not personalised or a generic greeting;
• Unfamiliar phrases and poor language;
• Designed to panic/annoy – sense of urgency;
• No contact details provided;
• Embedded links; and
• Old/incorrect branding.

If you receive a suspicious or unsolicited message, take a few moments to carefully inspect it before you click on links/attachments, or action any requests.

Learn more about spotting suspicious messages and see NAB’s current Security Alerts.

Should you receive a NAB-themed suspicious message please report these to phish@nab.com.au.

New ways of working

With many organisations working remotely in large numbers for the first time, it’s important to provide your teams with guidance on how they can protect customer and corporate information while working flexibly.

While the current pandemic plays out, and the news is dominated with updates, these types of scams will continue.

The good news is there are lots of practical steps businesses can take to better protect themselves online, now and into the future.

Please ensure that your business considers this within crisis management planning, and in making changes to business operations during this challenging time.

NAB Security Hub

NAB has a dedicated Security Hub with information for business on how they can strengthen their cyber and fraud defences –  nab.com.au/security.

As a starting point, we recommend reading the below articles:

• ‘First line of defence for cyber threats’: information on NAB’s partnership with Cisco to provide a discount offer on the same security software NAB uses, Cisco Umbrella
• ‘Email-based threats’: a practical guide to recognising email-based threats, including phishing, invoice scams and business email compromise
• ‘Safely storing your data’: the importance of backing up your information as a business continuity process
• ‘Multifactor authentication’: what is it, and why it’s critical that you enable it to protect your business email being compromised, and
• ‘Building employee awareness of cyber safety’: a guide to ensuring your employees are aware of the critical role they play in protecting your business.

Lastly, download our Cyber Security Toolkit to help you protect your business online.

Want more info?

An excellent reference for further technical strategies you can put in place is the Australian Signals Directorate’s website, which can also be used to report if you have been a victim of cybercrime: cyber.gov.au

Important Information

This material has been prepared by personnel in the Corporate and Institutional Bank division of National Australia Bank. It has not been reviewed, endorsed or otherwise approved by, and is not a work product of, any research department of National Australia Bank and/or its affiliates (“NAB”). Any views or opinions expressed herein are solely those of the individuals and may differ from the views and opinions expressed by other departments or divisions of NAB.

Any advice contained in this material is general and does not take into account your objectives, financial situation or needs. You should consider whether the advice is suitable for you and your personal circumstances.

This material is intended merely to highlight market developments and is not intended to be comprehensive and does not constitute investment, legal, accounting, hedge accounting or tax advice, nor does it constitute an offer or solicitation for the purchase or sale of any financial instrument or a recommendation of such product or strategy.

nabgroup.com

©2020 National Australia Bank Limited ABN 12 004 044 937