With the end of financial year (EOFY) driving higher transaction volumes and external communications, Australian businesses are being warned of increased cyber risk.
Security specialists and insurance providers are highlighting the need for stronger cyber protection and a thorough reassessment of business insurance cover during this period.
According to Reuben Koh (pictured), director of security strategy for Asia Pacific & Japan at Akamai Technologies, scammers often take advantage of EOFY-related communications by posing as trusted institutions to trick staff into sharing sensitive data or transferring funds.
“Tax season is a time of increased cyber threats and is ripe for cybercriminals and scammers to strike,” he said.
The underlying scam models may be familiar, but AI is increasing the precision and effectiveness of attacks.
Koh noted that AI tools are now being used to conduct detailed background checks on targets – from vendors to senior staff – before launching personalised attacks. Some tactics involve robocalls, deepfakes, and custom phishing texts that imitate business processes or known contacts.
Koh also pointed to business email compromise (BEC) as a prominent risk during EOFY.
The increase in financial correspondence with vendors, contractors, and auditors makes it easier for attackers to insert themselves into communication chains and direct fraudulent payments.
Invoice fraud – often accompanied by malware-laden attachments or phishing links – is also widespread during the tax season. Departments dealing with finance, IT, and customer service face higher exposure due to the volume of inbound communications.
To help businesses guard against these threats, Koh recommends several steps:
In the event of a breach, Koh advised that businesses immediately contact government services such as Scamwatch, the ATO, and the Australian Cyber Security Centre.
Early reporting can support incident recovery and help prevent further exposure.
Findings from Beazley’s latest Risk & Resilience report revealed that cyber risk has climbed to the top of the agenda for business leaders worldwide.
In the report, 29% of executives cited cyber risk as their primary concern – up three percentage points from the previous year.
Despite rising awareness, the survey suggested a potential disconnect between perceived preparedness and actual capabilities.
While 83% of respondents expressed confidence in their cyber readiness, Beazley warned that this may underestimate the evolving nature of threats, including AI-enhanced ransomware and politically motivated cyber incidents.
Separately, BizCover is advising SMEs to conduct a review of their insurance coverage as part of EOFY housekeeping.
Businesses are encouraged to assess changes such as increased revenue, new services, and expanded online operations, all of which can affect their risk exposure.
For instance, offering consulting or digital products may require coverage updates such as professional indemnity or cyber liability insurance. Equipment upgrades and data storage practices may also warrant policy adjustments.
BizCover highlighted that many SMEs do not revisit their policies regularly, increasing the likelihood of underinsurance or denied claims during incidents. Reviewing coverage annually and aligning it with current operations can help reduce insurance gaps and avoid unexpected exposures.
