Preparing for EOFY tax scams with business and cyber resilience

Every end of financial year (EOFY) season involves a rush by Australians wanting to get their tax returns completed. Increasingly, though, this period is seen as an opportunity for bad people to take advantage of us.

.

Too often the EOFY rush involves hastily clicking on links, giving personal information to the wrong person, or submitting documents to insecure portals or sites. One in four Australians experience a scam related to EOFY or tax matters, and these scams are not just limited to the June 30 date. In the months leading up to and following, scammers are leveraging a broad range of tactics from texting links to fake ads offering the recipient a tax refund.

For businesses, the threats are just as severe. Yet, half of organisations lack a comprehensive approach to assessing cyber resilience. In response to the growing threats and need for businesses to take preventative measures, the recent federal budget included a $23.4 million investment into a Cyber Wardens program, which aims to train up to 60,000 wardens in SMBs within the next three years.

While this is a progressive step, more needs to be done to ensure every business across Australia is equipped to mitigate the impact of cyber threats, particularly organisations managing Australians’ finances ahead of the EOFY period.

While the government initiative is welcome the best steps for any business, as a starting point, are:

  1. Ensure two factor authentication is turned on wherever it is available.  This should apply to platforms such as cloud-based e-mail systems, client portals, and payments systems.
     
  2. Change your passwords.  It is a fact that many of us use the same password for a lot of logins.  The reason for this is simply, so many passwords!!  However, the best answer is to use an identity & password manager solution such as Dashlane, LastPass, NordPass, or 1Password.  This way you only need to remember one password to gain access to all the others.
     
  3. Your Internet connection (router) is a point of significant threat.  Few routers are actively managed which leaves many opportunities or hackers.  The best solution is to ask your existing IT supplier, if they have the expertise, to ensure your router’s firewall(s) are shutting out the outside world. 
     
  4. A person within the business does need to be able to provide oversight that proper strategies are actually implemented and who can understand what their IT people are saying about their routers and firewall(s).  The government initiative noted above may help small businesses train such a person.  This is not saying a staff member needs to be an IT expert, but they do need to be able to understand what they are told and/or read.  Basic education and training can be enough but extra and ongoing training is increasingly important.

Be on your toes.  While cyber threats are often assumed to come externally from an aggressive attack by someone in a hoodie in a bunker overseas, the reality is many risks come from employees skipping over seemingly complicated approval processes, subscribing to popular apps or products that may not meet compliance requirements, or not checking whether they actually need to use a third party tool or if the same outcomes could be reached with an approved tool already used within the organisation. Make sure your own people aren’t opening the gates to the enemy.

Finally, don’t stop with the above. Cyber criminals around the world are savvy, persistent, and increasingly well-resourced. While they may be targeting consumers and accountants at tax time today, they will quickly find another way to get Australians’ attention tomorrow. Keep your plans, cyber champions, and staff – all the way to the Board level – updated regularly to ensure everyone is ready for the next threat.

05 June 2023

More Articles

Countries producing the most solar power by gigawatt hours

Check out the countries that produce the most solar...

Read full article

Illegal access nets $637 million

The ATO has found $637 million of superannuation savings has left the system due to illegal early access...

Read full article

Could your SMSF do with more diversification?

Australian Tax Office Office data shows a high percentage of SMSFs are lacking portfolio...

Read full article

Trustee decisions are at their own discretion: expert

A trustee doesn’t need to show reasons why they made a decision, they will only need to show they followed a...

Read full article

Planning financially for a career break

A pause in super contributions can have long-lasting effects. Here's how to plan ahead for super...

Read full article

Regular reviews and safekeeping of documents vital: expert

Keeping track of all documents relating to an SMSF trust deed is important if an estate planning issue arises...

Read full article

Investment and economic outlook, February 2024

Region-by-region economic outlook and latest forecasts for investment returns. . U.S. consumers in...

Read full article

Latest stats back up research into SMSF longevity and returns: educator

There was a dramatic decrease in the number of SMSF wind-ups from 2018 to 2023, indicating that the SMS...

Read full article

Sofie Korac is an Authorised Representative (No. 400164) of Prudentia Financial Planning Pty Ltd, AFSL 544118 and a member of the Association of Financial Advisers.

Financial Advice Sydney and the North Shore Office based in Gordon NSW

Financial Services Guide - Disclaimer & Privacy Policy

^