Step 3: Notify contacts and relevant third parties

Content complexity
Simple
This rating relates to the complexity of the advice and information provided on the page.
Icon of a loud speaker with noise lines

If you have been hacked or impersonated, you should alert your contacts (such as customers, colleagues, suppliers, family and friends). This will help them recognise suspicious activity and disregard fraudulent emails such as those that refer to changing of bank details, requests for large payments or unusual links or attachments. For a templated email response please see the text below:

To our contacts,

We have recently identified that <insert your organisation’s name> has been a target of fraudulent cybercriminal activity.

We became aware on <insert incident date(s)>, that a malicious actor sent emails to our contacts impersonating our business and our staff. These emails may have related to <insert incident details, such as “invoices, requests for large transfers, or to change banking details for payments”>. The emails were sent by the following email address: <insert hacked or impersonated email address>

If you received an email from <insert your organisation’s name> that matches this description, please ignore the email’s content and send it to us for further investigation. You may want to check with your bank whether any payments were made to the fake invoice or the fraudulent bank details.

We encourage all of our contacts to remain vigilant and pay close attention to any suspicious emails. The cybercriminal may be copying our email signatures, our names, and our email addresses. If you receive an email from <insert your organisation’s name> and are not sure if it’s legitimate, please contact us for confirmation using a phone number you know to be correct.

Sincerely,
<Insert your organisation’s name>

If your email account has been compromised and has caused serious harm to your contacts, you may have further mandatory reporting requirements to your customers, as well as legal obligations to report a data breach to the Office of the Australian Information Commissioner (OAIC). For further information on the OAIC’s Notifiable Data Breaches scheme, please visit the OAIC website.

An icon to indicate an area of information

Refer to the OAIC and seek legal support regarding mandatory reporting obligations: www.oaic.gov.au 

If you have been the victim of identity theft, contact IDCARE - idcare.org or 1800 595 160. It is a free government funded service to assist you.

Was this information helpful?

Thanks for your feedback!

 
Optional

Tell us why this information was helpful and we’ll work on making more pages like it

Icon for ReportReport a cyber security incident for critical infrastructure Icon for becoming a alertsGet alerts on new threatsAlert Service Become anACSC partner Icon for reportingReport a cybercrime or cyber security incident
Acknowledgement of Country icon
Acknowledgement of Country
We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.
Authorised by the Australian Government, Canberra