It was a dream come true for budding entrepreneur Aami Mills when she landed a spot on cult reality TV show Shark Tank.
The Canberra businesswoman made a splash with the judges, pitching her one-size-fits-most sustainable nappies with inbuilt ‘poonami protectors’.
She even successfully lured a shark to invest $100,000 in her business Mimi & Co.
But when the day finally arrived in September 2023 for her episode to go to air, Aami awoke to her worst nightmare. She’d been attacked by cyber criminals.
Just hours before her starring moment on Network Ten, she discovered the Meta accounts of her business had been hacked, and she was locked out.
Online predators had drained her advertising account of $10,000 and set up fake, violent ads using her business logo, directing people to malicious websites, Aami says.
The mother-of-two says the ads featured confronting images such as fighting and “people trying to kill each other”, just as she was bracing for a deluge of viewers, and potential customers to her social sites.
“It could not have happened on a worse day, when I was about to go on Shark Tank, and I couldn’t get access to my Facebook or Instagram accounts,” the Canberra business owner recalls.
“I was pretty stressed. They hacked my account at 2am and by the time I woke up at 6am, they’d spent thousands of dollars.”
Aami has since become a Cyber Warden, and says the training has been invaluable.
She advises every small business to enrol to help avoid a similar fate.
“ The Cyber Wardens course takes you through simple things like setting up multi-factor authentication and I couldn’t recommend it highly enough to other small business owners,” she says.
She says she had been unable to access her social media channels because the hackers, who she says were based in Asia, changed the administrator details.
“My personal Facebook page was linked to my business page, so they were able to get access to my advertising account. At the time we didn’t have multi-factor authentication on, and they were able to change the administrator.
“I would try and reset my password and get a message saying ‘we’ve sent it to this email’. And I’m like: ‘Oh, my God, that’s not my email – that’s their email’. They were able to start running their own ads, they set up their own pixel ads to their own websites and coming out of my PayPal account.”
The ads were directing anyone who clicked to 55 different landing pages which she says were created to gain access to people’s data.
She says it was not only the initial financial loss that was a blow, but also the reputational damage to her business.
Like many small businesses, she assumed that she would not be a lucrative target for cyber criminals.
“It was a very expensive lesson in hindsight,” she said.
“I’m glad it happened to me at that point in time, not when we’re a five, ten, 15 million dollar business. That would be catastrophic. It was the wake-up call that I needed. I think I was really naive and thought ‘Why would they want to hack me? I’ve got nothing for them’. But they did want to hack me obviously, because we’re easy pickings.”
Aami says she learned many useful online safety tips from the Cyber Wardens program, and has integrated them into her business.
She says she feels more confident now that her digital doors are locked to cyber criminals.
“You can never stop learning though, it’s important to stay updated on cyber security as a small business.”
For more information, please visit cyberwardens.com.au
Help protect your small business from scams and hackers with free and simple cyber security training