Australians are unfortunately falling victim to cyber-crime in record numbers.
A recent ACCC Targeting Scams report revealed that Australian businesses had lost $227 million to payment redirection scams in 2021, a 77% increase compared to 2020.
It was also confirmed that payment redirection scams were the single most financially damaging scams for Australian businesses in the previous year.
A typical payment redirection scam involves scammers impersonating a business or its employees via email or other channels and requesting an upcoming payment be redirected to a fraudulent account. This is also commonly referred to as Business Email Compromise (BEC).
The threat to our sector
Buying and selling a home is one of the most emotionally charged and financially significant transactions a person will ever make – a truly critical milestone in anyone’s life.
Given the sums involved and the nature of the information being exchanged, industry professionals servicing Australia’s homebuyers and sellers; conveyancers, lawyers, bank representatives and real estate agents, are a prime target for cyber criminals and specifically, payment redirection scams.
ACCC data found that it was our smaller businesses that were hit the hardest.
Breakdown of 2021 scam reports and losses by business size (Scamwatch data only)
| Scam type | Number of reports | Reported losses |
| Micro (0-4 staff) | 1,093 | $3.5m |
| Small (5-19 staff) | 890 | $3.5m |
| Medium (20-199 staff) | 551 | $4.2m |
| Large (over 200 staff) | 319 | $421k |
| Size of business not provided | 771 | $1.7m |
Industry reform
It’s clear that there is much to be done to buck this trend.
In response to these figures and having been called on by ACCC Deputy Chair Delia Rickard to take action, the Australian Banking Association (ABA) has just confirmed the launch of the “Australian Banks: Working to Protect You” PayID campaign.
PayID connects bank account details with a mobile number or email address to enable real time payments.
ABA CEO Anna Bligh, in a statement, explained that the widely adopted, secure method should be adopted by more Australians.
“PayID is free to register, easy to use and to date there are more than 11 million PayIDs registered in Australia, but we would like to see even more. Customers can have multiple PayIDs, including their phone number, registered emails, or even their ABN in the case of a business.
“17% of all real time payments are now made using PayID and this campaign aims to accelerate the growth of these payments.
“PayID is as simple as using the mobile number or email address of the person or business you wish to pay to make a payment, unlike a traditional payment where you need both a BSB and an account number.
And most notably, Bligh said that the method can help to mitigate the risk of potential scams.
“Critically, it helps to stop scams because unlike a traditional payment, the payer can see a confirmation screen, which includes the intended PayID name, before they confirm the payment.
“The more payments we see using PayID, the more protected customers will be.”
PEXA’s Chief Information Security Officer, David Willett, encouraged the move.
“In our sector, there is absolutely zero tolerance for risk. There should be no stone left unturned in ensuring the level of security protecting Australia’s property settlements – and that’s why PEXA will always support initiatives like this and any endeavours which aim to reduce the risks associated with payment redirection scams.”
Businesses that are the victims of a cybercrime, such as payment redirection scams or ransomware, should report the incident to ReportCyber as soon as possible. ReportCyber is run by the Australian Cyber Security Centre and passes reports to law enforcement agencies for assessment and intelligence purposes.
