1300 249 268
Get Quotes

Covers

Who it’s for

Savings

How to buy

Need Help?

Blog

4 Common Scams Targeting Small Businesses in Australia 
25 Aug 2025

4 Common Scams Targeting Small Businesses in Australia 

Scam Awareness Week takes place from 25 to 29 August. The theme for 2025 is “Stop. Check. Protect.” This national campaign aims to shine a light on the latest scam trends, give practical tips for spotting red flags, giving Australians the power and knowledge to take action before it’s too late. 

For small and medium business owners, the message is especially important. Scams are becoming more sophisticated, blending convincing stories with technology that makes fake messages and websites look legitimate. A single successful scam can drain thousands of dollars, compromise sensitive data and cause major disruption to your operations. 

In this blog, we look at scams in action, the most common scams reported in Australia, and simple steps you can take to protect your business.  

Why small businesses are a target for scammers 

Small businesses are often a target for scammers because they often have less resources dedicated to cybersecurity than larger organisations, but the data and information they hold can be extremely valuable. 

Many big businesses tend to have a dedicated IT team that manages cybersecurity. But this is not an option for the vast majority of small and medium businesses. In most cases, these smaller businesses operate within strict budgets and staff usually have to wear more than one hat. This means there is generally less time available to spend on cybersecurity training, and less time spent double-checking every invoice, email or phone call that comes in.  

Scammers know this. And even for savvy small business owners, scams are becoming increasingly hard to spot.  

Scams are getting smarter and more expensive for victims 

From January to May last year, 119,876 scam reports were made and the combined monetary loss equalled $114,819,743. Compare this to the same reporting period in 2025, which totalled 90,108 reports but had a combined loss of $147,246,100.   

These numbers tell a worrying story – that scams are getting smarter and more targeted, which is having a devastating financial impact on victims. Today’s scams are increasingly being powered by technologies like artificial intelligence (AI), which makes them more convincing and harder to detect. 

Real-life scam scenario 

Could this happen to you? 

A retail shop received an invoice from a supplier, requesting payment for an outstanding debt of $27,000. Information for the account the money was to be paid into was included in the email. The retailer promptly transferred the money to the account as instructed.  

It wasn’t until a week later that the retailer realised they had been scammed. The payment had been transferred to a hacker who had sent a fraudulent phishing email. This is what’s known as a false billing scam or invoice fraud. 

The retailer held Cyber Liability insurance, however the policy did not include optional social engineering cover. This meant that the retailer was unable to claim the direct financial loss – but their insurer did cover $7,500 in remediation costs related to the attack. 

4 Common scams that could target your business 

According to data collected from Scamwatch and the National Anti-Scam Centre, these are some of the more common scams that are likely to catch small businesses off guard.  

1. Investment scams 

Investment scams are one of the costliest types of scams that can impact small businesses. According to data gathered by Scamwatch in the first five months of 2025, the financial impact of a single investment scam averages $7000. 

Investment scams hook business owners with promises of high returns on shares, cryptocurrency, property or other ventures. Scammers approach a target with an offer that sounds too good to be true. To make their offer seem like the real deal, scammers might show you a professional website and official documents and other accompanying props. In these types of scams, the investment opportunity either doesn’t exist or the money is siphoned off before you see a cent in profit. 

2. Phishing scams 

Phishing scams are a type of social engineering attack that come in the form of fraudulent emails, text messages or calls designed to trick business owners into revealing sensitive information. This could be anything from bank details and passwords to customer data. These scammers often pretend to be from trusted organisations such as banks, suppliers or government agencies. 

According to Scamwatch data the biggest increase in reported losses came from phishing scams from 2024 to 2025. From January to May 2025, 30,149 phishing scams were reported to Scamwatch which accounted for an eye-watering $14,579,089 in financial losses. 

3. False billing scams 

Also called invoice fraud, false billing scams involve sending a fake bill for goods or services you never ordered, or altering the bank details on a legitimate invoice.  They rely on looking ordinary enough to pass through without scrutiny – just like in the above claims example.  

Scamwatch has found that false billing scams are one of the most common types of scams impacting Australians. As a small business owner juggling multiple duties, letting a fake invoice slip through undetected can be surprisingly easy to do. 

4. IT support scams 

IT Support scams involve someone pretending to be from a reputable tech company (such as your IT provider) claiming there’s an urgent problem with your computer, email or business systems. They might say your account has been hacked, your software licence is expiring, or your computer is infected with a virus. Their goal is to trick you into paying for fake “repairs” or giving them remote access so they can steal data. This is why IT support scams are also referred to as remote access scams. 

These type of scams can be highly effective, because they’re relying on small business owners to not have an extensive knowledge of technology and IT systems. By contacting a target out of the blue and using urgent, alarmist language, scammers can make their targets panic enough to not double-check whether the emergency is real or not.  

Simple steps to protect your business from scams 

Protecting your business doesn’t have to be complicated or expensive. Here are some practical steps you can start using today: 

  1. Enable multi-factor authentication on all key accounts, especially email and online banking. This adds extra protection even if your password is stolen. 
  1. Pause and verify before making payments or changing supplier details. As the theme for this year’s Scam Awareness Week states, “Stop. Check. Protect.” 
  1. Keep software and security systems up to date to patch weaknesses scammers could exploit. 
  1. Back up important data regularly (ideally to both the cloud and an offline drive) so you can recover quickly after a data breach or ransomware attack. 
  1. Create a simple cyber incident response plan so everyone on your team knows how to handle suspicious emails, calls, or payment requests. 
  1. Keep contact details for your IT provider and domain registrar handy so you can respond quickly if something goes wrong. 

Stay scam-smart and up to date 

No business is completely immune to scams. But being informed is one of your strongest defences. Simply knowing what to watch out for can significantly reduce your risk.  

It may also be worth considering Cyber Liability insurance. This type of insurance is designed to help protect you from claims and support your profitability in the event of a cyber breach or attack. Costs associated with defending a cyber claim are also covered. Examples of the types of risks Cyber Liability insurance can assist with are unintended loss or release of customer personal information, cyber crime, cyber extortion/ransomware and business interruption due to a cyber event. You also have the option to add cover for social engineering, phishing or cyber fraud. 

BizCover helps make quoting and buying insurance easy. You can compare multiple Cyber Liability insurance policies in minutes, saving you time and giving you peace of mind. Get a quote today and help safeguard your business from scams and cyber attacks.  

For on the go cover, go BizCover.  

This information is general only and does not take into account your objectives, financial situation or needs. It should not be relied upon as advice. As with any insurance, cover will be subject to the terms, conditions and exclusions contained in the policy wording or Product Disclosure Statement (available on our website). Please consider whether the advice is suitable for you before proceeding with any purchase. Target Market Determination document is also available (as applicable). © 2025 BizCover Limited.

Categories

,

Why choose BizCover

Save time

by buying online in minutes

Save money

by comparing quotes from multiple insurers

Get Quotes

Trusted by over 270,000 small businesses

Get Quotes

Breath easy knowing you’re in good company

Join 270,000 others in trusting BizCover

Breathe easy knowing you’re in good company

Get FREE Quotes Today

Similar Blogs

Scam Numbers are Down But Costs Are Up, New Data Shows 
Scam Numbers are Down But Costs Are Up, New Data Shows 

At first glance, it might seem like good news: according to the latest statistics from Scamwatch, the number of reported…

Learn More
The Buyer’s Guide to Small Business Digital Assets 
The Buyer’s Guide to Small Business Digital Assets 

When buying an existing business, most people focus on the obvious things like physical stock, equipment, premises or staff.   But…

Learn More
9 Cyber Hygiene Best Practices for Small Business Owners
9 Cyber Hygiene Best Practices for Small Business Owners

When was the last time you gave your digital habits a check-up? Just like personal hygiene helps keep you healthy,…

Learn More
BizCover Logo

Claims

Contact Us

1300 249 268

Get Quotes