How your company monitors for scams and responds to them is crucial to limiting potential damage to your customers, your brand and your reputation, writes ASIC Commissioner Cathie Armour GAICD.
Companies are on the frontline in the fight against scammers. As COVID-19 continues to impact our economy, scammers are targeting Australian companies and compromising their systems, clients and potential customers. In early 2021, reports of misconduct to ASIC increased more than 200 per cent compared to the previous year. Meanwhile, the Australian Competition and Consumer Commission (ACCC) reported that Australians lost a record $851m to scams in 2020.
At the Australian Securities and Investments Commission, we’re seeing an increase in scams involving fake websites, social media sites, call-centre staff, stock exchanges — even fake regulators. Scammers’ impersonation skills are becoming increasingly sophisticated, making it very difficult for companies and employees to differentiate between legitimate businesses and scams.
“It’s important your company has procedures in place — not only to warn your customers of a potential scam, but also to lodge a misconduct report with ASIC.”
There’s been a concerning rise in imposter bond investment offers, including recent scams targeting Telstra and Qantas investors. Scammers pretend to represent well-known financial services firms, including banks, and offer fake bonds mirroring the characteristics of the legitimate exchange-traded bond units listed on the ASX.
In many circumstances, the scam occurs after the investor completes an online enquiry form expressing interest in receiving investment advice, often via a third-party or comparison site. Common tactics deployed in bond scams include:
- Sending professional-looking fake prospectuses with unrealistically high returns
- Falsely stating the bonds are issued by prominent financial services firms when this is not true and there is no underlying investment
- Falsely claiming investor funds will be pooled to invest in government bonds or the bonds of companies with AAA credit ratings
- Falsely claiming the purchase price of the bonds is protected under the Financial Claims Scheme
- Using contact details gathered online through fake investment comparison websites to call people and pressure them to invest or risk “missing out”.
We ask company directors to be vigilant to similar scams targeting their organisation. It’s important your company has procedures in place — not only to warn your customers of a potential scam, but also to lodge a misconduct report with ASIC (bit.ly/3iD3KFW). Each year, we receive thousands of reports of alleged misconduct, providing valuable information and intelligence.
We also recommend continuously monitoring the use of your company’s name or logo to ensure it is not misappropriated. Putting basic procedures in place is relatively easy. For example, your company could conduct a regular Google search for its name, as well as checks on social media platforms such as Facebook or LinkedIn.
Protect your company
When it comes to protecting your company and its reputation, eternal vigilance against misuse of your company name and logo to combat scams is just one small component.
Company directors should also proactively monitor the board’s or management’s cybersecurity strategies and consider their practical application.
Key questions a board should ask about cyber risk are set out at asic.gov.au/cybergovernance