Top tips to protect your business from scams

Scams aren’t just targeting individuals anymore – businesses are firmly in the crosshairs. With staff handling invoices, approvals, and supplier payments, it only takes one rushed decision to send thousands of dollars into the wrong account.

From January to November 2024, small businesses lost $7.9 million to scams, with false billing and investment scams making up more than $7 million of that total. That’s not just a worrying stat, it’s a real risk for any business, no matter the size.

This Scams Awareness Week (25–29 August 2025), we’re sharing practical tips for business owners and their teams. to stay scam aware. These can be excellent to share with your staff. And the more scam-aware your business, the harder it is for criminals to succeed.

The scams hitting businesses hardest

Here’s a reminder of the most common scams Australian businesses are facing today:

• Invoice redirection scams – Fraudsters send fake invoices or alter bank account details on legitimate ones. The money looks like it’s going to a supplier, but it isn’t.

• Business email compromise (BEC) – Hackers impersonate executives or suppliers, pressuring staff to urgently release funds.

• Phishing attacks – Fake log-ins, system updates, or ATO notices trick staff into handing over credentials.

• Overpayment scams – Someone “accidentally” overpays with a stolen card and requests a refund, leaving the business out of pocket when the payment reverses.

Top tips to protect your business

1. Slow down and verify
Most scams succeed because of a false sense of urgency. Encourage your staff to double-check payment details, especially when bank account numbers change. A quick phone call to a trusted contact on the account could save thousands.

2. Create a culture of awareness
Scam protection isn’t just an IT problem. It’s everyone’s responsibility. Share real-world examples in team meetings, celebrate staff who speak up about suspicious emails, and make it normal to question unusual requests.

3. Train your team regularly

One-off training isn’t enough. Schedule regular refreshers, use scam quizzes, and share real-life scam examples, so your staff can recognise warning signs. You could even consider simulated phishing exercises. Yes, they can feel intense, but these “fire drill” style events often provide valuable lessons. Without ongoing reinforcement, awareness fades quickly.

4. Set up clear payment processes
Have a policy for approving payments. Especially large or unusual ones. Require at least two people to verify changes to bank details or urgent transfers. Clear processes make it harder for scammers to slip through.

5. Invest in security tools
Spam filters, multi-factor authentication, and up-to-date antivirus software are simple but powerful defences. These tools don’t just protect your systems. They give your team extra time to spot suspicious activity.

6. Encourage reporting (without blame)
Many scams get worse because staff feel embarrassed to admit they clicked a link or opened the wrong email. Make it easy and judgment-free for employees to report anything suspicious so you can act fast.

Reporting makes all the difference

Scams are evolving, but so can your defences. By combining strong processes, regular training, and a culture where everyone feels responsible, you can make your business a much harder target. This Scams Awareness Week, take time to check your systems, talk to your team, and make sure your business is ready to spot scams before they succeed. Here’s where to report scams in Australia:

• Scamwatch – Lodge a report at scamwatch.gov.au. This is the official anti-scam body, and your report helps track scam trends and stop fraudsters.

• Your bank – If you’ve accidentally sent money to a scam account, contact your bank immediately to see if the transfer can be stopped or reversed.

• pay.com.au – If a scam payment was processed through pay.com.au, reach out to us immediately so we can investigate and assist.

Written by Dan Withinshaw

Share this blog

About the author

Dan is a content marketing specialist at staging.content.varklin.com who transforms complex rewards programs into compelling stories. Drawing from his Kiwi roots and global adventures, he brings a unique perspective to finding value in points redemptions. With experience in startups and scale-ups, he helps readers unlock the potential of their rewards. Outside of work, you'll find Dan producing music, mixing on the decks, and immersing himself in Melbourne's sports and music culture.