- Cyber Warden
- 3 mins read
Cyber Wardens and Eftsure urge small business vigilance during busy retail period
NOVEMBER 13, 2025: Small retailers are being warned of a surge in online fraud and scam attempts during the popular Black Friday and Cyber Monday sales – with some attacks “weeks or months” in the making.
Payment protection provider Eftsure, which is joining forces with COSBOA’s Cyber Wardens program to help small businesses combat rising cyber threats, says fraud attempts typically rise during busy transaction periods.
The company recorded its highest-ever volume of attempted fraud in October, signalling that scammers were already ramping up activity ahead of the pre-Christmas sales blitz.
“Scammers are keenly aware of busier workloads and reduced headcounts,” Eftsure chief technology officer David Higgins said. “They deliberately target people during these windows, because they know we’re more likely to be distracted.”
Mr Higgins said everyone should be on high alert for unusual payment requests.
“Even if it appears to have originated from a trusted contact, be aware that scammers’ impersonation tactics are increasingly sophisticated, especially with the help of AI,” he said.
Common attacks included:
- Phishing through emails with subject lines such as “Black Friday deals” or “urgent account issues”.
- Vendor impersonation
- Business email compromise (BEC)
Mr Higgins said fraudsters were getting much better at posing as trusted contacts.
“This can include weeks or months of convincingly pretending to be a trusted vendor in a variety of channels, often after infiltrating that vendor’s systems and even sending messages from their email unnoticed. Then, they might push for a fraudulent transaction or change to payment details when they know the target is less likely to scrutinise the request, for instance, during busy retail or holiday periods.”
Enabling multi-factor authentication or passkeys where possible, and finding automated ways to flag payment anomalies were advisable, he said.
Cyber Wardens, a national initiative of the Council of Small Business Organisations of Australia (COSBOA), warned that small businesses can be prime targets because they often manage their own finances and may not have dedicated IT staff.
COSBOA chair Matthew Addison said the average cost of a cyber attack on small businesses has risen to $56,600, but there were simple steps teams could take to help protect themselves.
“From activewear labels to gyms and shoe stores, many small businesses are already in the throes of their Black Friday sales, launching promotions well ahead of the official event on November 28,” he said.
“Black Friday and Cyber Monday are massive opportunities for small businesses, but they also create the perfect conditions for scammers. We are advising operators to slow down and make simple checks such as verifying payment requests, and double checking invoices and bank details.”
To arrange an interview, please email media@cyberwardens.com.au or call Kimberley Roberts-Salee on 0401 723 282.
Follow for more tips and tricks that help keep your business cyber safe.
Explore more
Subscribe for the latest research and advice
Telling us a bit about your business will help us match the program to your needs.
Learn how we keep your data safe here.
