iscover
iscover 
ANZ has urged customers to stay alert to the warning signs of business email compromise and fake invoice scams, also known as payment redirection scams, as cyber criminals continue to exploit weaknesses in email systems and financial processes.
Small and medium-sized businesses are most frequently targeted in these scams, as their technology infrastructure is often simpler to breach than that of larger organisations. Once cyber criminals gain access to a business’s internal systems, they can manipulate invoice payment details, tricking recipients into sending funds to fraudulent accounts.
According to the federal government’s Annual Cyber Threat Report, almost $84 million in self-reported business email compromise losses were recorded across Australia during the 2023–24 financial year. The majority of these reports were lodged by small businesses.
Scams portfolio lead Ruth Talalla said: “Scams remain an ongoing challenge for Australians, with cyber criminals increasingly adopting sophisticated practices such as BEC and fake invoice scams to exploit consumers.
“We encourage business owners and individuals to be on high alert and double-check all details before making any payments. If you receive an unusual or unexpected payment request, notice updated details on an invoice, or are making a payment to a new account, it’s important to verify the details directly with the legitimate company or person before sending funds.”
Signs of potential scams include unexpected contact methods or requests for information or payments from unfamiliar email addresses or social media accounts, particularly platforms like WhatsApp. Changes to payment details on an invoice should always be checked against past versions and verified directly with the supplier or individual.
Cyber criminals often use email addresses that mimic legitimate domains, making it essential to compare sender domains with official company information.
Even well-written messages can be fraudulent, though poor spelling, odd formatting, or an unusual tone are common warning signs. A missing or fake email signature may also indicate scam activity, so recipients should look out for inconsistencies with official communication formats.
ANZ is encouraging businesses and individuals alike to take extra care with email communications and to implement stronger internal controls to help guard against these increasingly sophisticated scams.
[RELATED: Telstra and CBA continue fraud prevention team-up]
