The Australian Competition and Consumer Commission has revealed a surge in the number of scams involving fake emails from businesses.

The watchdog’s Scamwatch division is urging businesses to be on alert for such scams after reports grew by a third over the year – totalling $2.8 million in lost funds, with an average loss of nearly $30,000.

Business email compromise scams occur when a hacker gains access to a business’s email account, or creates a facsimile, and sends emails to customers requesting that further payments be made to a new account, which allows the hacker to retrieve the money paid.

Alternatively, there have been reports of hackers sending an internal email to a business’s accounts team asking for funds to be transferred to a separate account, sometimes posing as the chief executive.

“This is a very sophisticated scam, which is why many businesses only realise they’ve been caught out once it’s too late,” ACCC deputy chair Delia Rickard said.

“There is a misconception these scams target just small business, however the largest amount of reports and losses came from medium-sized businesses, including one that lost more than $300,000.”

According to Rickard, effective management procedures are a key method of preventing these scams, ensuring that staff know how to deal with such an email when it appears in an inbox and by prioritising a multi-person approval process for transactions over a certain amount.

Access exclusive analysis, locked news and reports with Inside Retail Weekly. Subscribe today and get our premium print publication delivered to your door every week.