Australia: Cybercrime: Managing Data Breaches In Australia - Davies Collison Cave





15 July 2020

Davies Collison Cave







What is a data breach?


A data breach is generally defined as an incident involving "unauthorised access to sensitive, protected or confidential data resulting in the compromise of either confidentiality, integrity or availability of an information asset".1 Data breaches pose serious risks to businesses and the individuals to whom the information relates.


One specific type of data breach is a "business email compromise" (BEC), where a cybercriminal impersonates a business contact to trick employees or suppliers of a business into transferring money or providing sensitive information. BEC scammers often use domain names or emails almost identical to those of the contact they are impersonating, and because they don't use malicious attachments, their emails often get past anti-virus software. Most BEC scams take one of these forms:2


  • Executive fraud: A cybercriminal masquerades as an executive and sends an email to staff requesting they transfer funds to the scammer's account.

  • Legal impersonation: A cybercriminal requests payment for an urgent and sensitive legal matter.

  • Invoice fraud: A cybercriminal sends a fake invoice to the business, impersonating a trusted supplier. In many cases, cybercriminals have accessed the supplier's real email account and have made changes to the bank account details in otherwise legitimate invoices.

  • Data theft: This scam involves impersonating a trusted person to request sensitive information. The information obtained is sometimes used in a ..
