Hooked by the phishers
SAMEA Maakrun only realised she was the victim of cybercrime when she returned from her honeymoon in the Maldives to get a call from a wine company, confirming her “purchase” of $6500 of cognac.
Ms Maakrun, a skincare business owner from Miranda, immediately tried to log in to her accounts only to find her passwords no longer worked.
She immediately called both of her banks, Westpac and St George, who each gave her temporary access. Her worst fears were confirmed — more than $130,000 had gone from both her bank and Paypal accounts, with transactions of around $25,000 each made to offshore accounts. But the nightmare was just beginning.
“The wine merchant said he had my passport and credit card details, which I believe had been accessed from my email account after I used them to book my hotel in the Maldives,” Ms Maakrun said.
“I went to the police but they said there was nothing they could do.
“I then found that my phone had also been diverted. It got to a point where I had to put my business on hold because I couldn’t operate. I felt like I was the criminal.”
Almost five months later and multiple phone calls to the police and the banks, Ms Maakrun was refunded her money, although the perpetra- tors were never found. The Sasy n Savy business owner has linked her cybercrime attack to four men posing as potential clients who visited her office a few days before her honeymoon last July. She believes they went as far as “bugging” her office.
An office of the NSW Small Business Commissioner survey to be released today shows Ms Maakrun is one of hundreds of small business owners who have been the victim of a cybercrime attack.
The survey of 1400 small and medium sized businesses also revealed around half of the companies felt their lim- ited online presence — a business website with contact details and social media — meant they felt less exposed to cybercrime.
But NSW Small Business Commissioner Robyn Hobbs warned this was not the case.
“Doing business online can open up huge opportunities but small businesses need to take full account of the risks. For example, something as simple as using email every day or taking a phone call can present a big cyber security risk to any business,” she said.
“Around half of cyber security incidents target small businesses and almost 60 per cent of cybercrime impacts small and medium-sized businesses.”
Ms Hobbs urged business to manage cyber risks by educating staff, continuously updating software, using two-factor identification for emails and payments and encrypting important customer files.
Ms Maakrun said she has since had her office debugged, installed security and deployed high-level security on her servers, which hides her IP address.
She also urged small business owners to re-evaluate their security to avoid becoming embroiled in a similar “nightmare”.