Find out how business owners can protect themselves from these growing threat
Nearly 90% of scam reports by Commonwealth Bank’s business customers in financial year 2024 came from small businesses, with more than half of losses linked to investment scams, according to new data from the bank.
CommBank’s report highlights investment scams, phishing, and business email compromise as the most common fraud types affecting small businesses in Australia. Investment scams, in particular, lure victims by offering false money-making opportunities with promises of high returns, often appearing to come from legitimate sources.
Small business owners are seen as particularly vulnerable to these scams due to their access to disposable funds for potential investments. On average, these businesses lost around $30,000 to investment scams, according to the bank’s findings.
“If a business owner or leader falls victim to an investment scam, it’s not just the business that could be compromised, but also the jobs of the people who work there,” said Rebecca Warren (pictured above), executive general manager of small business banking at Commonwealth Bank.
While CommBank noted an overall decrease in scam-related losses among its customers, small businesses remain a key target. The bank said it has invested more than $800 million to combat fraud, scams, and cybercrime, utilising technologies such as NameCheck, CallerCheck, and CustomerCheck to assist in preventing fraud. However, Warren stressed that technology alone is not enough.
“While the bank’s technology is designed to help detect and prevent fraudulent activities, it is crucial for customers to take proactive steps to protect themselves,” she said. ‘It is imperative that they know what to look out for.”
Warren shared key advice for small business owners to safeguard against scams, starting with recognising red flags in investment offers.
“Investment opportunities that offer high returns with little or no risk are likely fake and coming from a scammer,” she said. “Be wary of any unsolicited online contact, including people reaching out via social media or sponsored ads.”
In addition to vigilance, Warren urged small businesses to train staff on scam prevention and basic cybersecurity practices, such as using strong passwords, multi-factor authentication, and staying informed about phishing schemes. She also recommended implementing clear payment processes, including verifying payment details with beneficiaries and separating payment approval duties.
Warren advised companies to keep software up to date, enable auto-updates, and install reputable antivirus programs to reduce the risk of cyberattacks.
CommBank, in partnership with Telstra and the Council of Small Business Organisations Australia (COSBOA), has also launched the Cyber Wardens program to help small businesses enhance their cyber resilience and security practices.
As scams become more sophisticated, Warren emphasised the importance of staying informed and cautious.
“Scams are least effective when people stop, check, and then reject,” she said.
Want to be regularly updated with mortgage news and features? Get exclusive interviews, breaking news, and industry events in your inbox – subscribe to our FREE daily newsletter. You can also follow us on Facebook, X (formerly Twitter), and LinkedIn.
