ANZ is advising Australian businesses to remain alert to the growing threat of scams during Cyber Security Awareness Month. The bank highlighted that cybercriminals are increasingly targeting small and medium-sized enterprises using advanced tactics.
A common method used by these criminals is business email compromise (BEC), where scammers exploit weaknesses in email systems or financial processes. They may hack into internal systems, change invoice payment details, and request payments be sent to accounts they control. According to the Australian Signals Directorate’s most recent report, BEC scams cost Australian businesses over $84 million in 2024 and accounted for 13 percent of the 87,400 reported cybercrime incidents.
Scammers also impersonate banks, financial institutions, or government agencies to deceive individuals into revealing personal information or transferring money. Small businesses are particularly vulnerable, with the average cost of a cybercrime incident rising by 8 percent in 2024 compared to the previous year. This has resulted in an average annual loss of $49,000 per small business.
Cosi De Angelis, ANZ Head of Transaction Banking, said: “Cyber Security Awareness Month offers an opportune time for us to remind businesses about the kinds of scams out there, and how they can help keep their staff and finances safe.
“At ANZ we’re serious about helping businesses stay safe. We combine robust fraud protections with 24/7 support, and provide practical education, like our ‘Stop. Check. Protect’ approach, which encourages busy business owners to slow down and be wary of threats, helping them identify red flags and stay one step ahead of scammers.
“Too often, I see scammers attempt to target small business owners by impersonating trusted business partners or long-term suppliers. Business owners are often run off their feet, and cybercriminals will look to exploit this and take advantage of hardworking Australians.
“Given the sheer volume of emails, text messages, instant messages and social media messages business owners and employees send and receive each day, it’s not surprising we tend to act on things straight away and sometimes overlook inconsistencies in correspondence. Scammers will take advantage of this - I implore Australians to double check all communication and if in doubt, contact your vendors and suppliers.”
ANZ reported that between October 2024 and June 2025 its teams prevented or recovered more than $100 million linked to scam or fraud attempts targeting small- and medium-sized Australian businesses.
One example involved Benton’s Plumbing Supplies in Melbourne. Scammers impersonated a legitimate business contact and convinced staff members to grant remote access to their computers. ANZ’s Falcon technology identified suspicious activity when a large transfer was attempted overseas; the Fraud Detection team intervened while staff were still communicating with the scammers. As a result of ANZ's quick response no funds were lost.
Aleks Nawrocki, Chief Financial Officer at Benton’s Plumbing Supplies stated: “Our team experienced a very significant scam near miss that was averted by the diligence of the ANZ team. The ANZ team was extremely quick and efficient, and the scam was thankfully identified and prevented.
“Since the incident, our team has been more scam aware and confident in identifying when something doesn’t feel right. It is extremely reassuring to know that we have been protected by the ANZ team and want to encourage other businesses just like us to operate with caution.”
To help protect against scams ANZ recommends:
- Banks will never ask for sensitive details such as passwords or PINs; if requested hang up immediately.
- Confirm changes in banking details directly by phone rather than relying on email.
- Use two authorisations for payments especially for large transactions.
- Review procedures for updating supplier information so all employees understand new policies.
Businesses are encouraged to use educational resources available on the ANZ Business Cybersecurity hub.
ANZ is also partnering with other major banks and the National Office of Cyber Security (NOCS) for a Securing Australia Together webinar scheduled for Thursday October 9 at 10am AEDT.
Customers who suspect they may have fallen victim to a scam should contact ANZ immediately at 13 13 14 or visit this page for assistance. Further guidance on different types of scams can be found at this link.
The bank has launched Scam Safe—a program aimed at raising awareness about evolving security threats affecting customers—and encourages everyone to remember:
A: Always be wary
N: Never share personal information
Z: Zoom in on details
For additional media inquiries contact Kate Power or Judy Hang from ANZ Public Relations.