The S.T.O.P. method can help you be Cyber Safe

8 May 2019

In just a couple of decades, technology has transformed the traditional way things have been done for centuries. In what seems like the blink of an eye, we are rapidly becoming dependent on technology to carry out basic everyday practices, such as paying for groceries with bank cards, using a phone to order dinner or shopping for clothes online. Everything you need is just a click away. But unfortunately, with these developments comes new risks and challenges that we need to be aware of.

At Scott Partners, we receive numerous emails claiming to be from the ATO, ASIC or a business name registry service. Many of these emails look genuine and can be deceiving. If you think you might be receiving similar emails from any accounting or business organisations, always check with us before opening attachments in these kinds of emails.

Remember that all correspondence from these organisations will generally be sent via our office. It is highly unusual for the ATO or ASIC to contact you directly.

More and more transactions are happening online every year, but with this cyber development comes great risk and threat to security. It is imperative that companies are more vigilant about how they and their staff conduct themselves and their business online.

Using the STOP methodology is a good way to educate oneself on potential threats to and weaknesses that lay within your business:

The S.T.O.P. Methodology:


Unless you have an unlimited budget and time, you need to be clever when dealing with cyber safety. Remove stress by farming out some of the responsibility. Find a small, reliable business accountant who can help with the financial side of things. Accountants are well-versed in cybersecurity and are happy to help. Don’t spread yourself too thin either – understand what areas of your business are potentially weak in terms of cybersecurity and work to limit the danger. Your accountant will know their way around cloud accounting or bookkeeping programmes and can advise on possible risks.

Two-factor authentication

Even if you feel comfortable managing finances (and other parts of your business) online, we recommend that you follow best practice for your passwords and logins. Establishing two-factor authentication gives you an extra security net in case your passwords fail. The two-factor authentication is particularly helpful if you sign into your account from another device or from an unusual location. We are often asked to reset our passwords, with a verification code sent by SMS. This is a good example of two-factor authentication.

Open with Caution

This is quite self-explanatory. Do not open emails or attachments that look unusual or suspicious. You could quite literally, pay the price. If something doesn’t seem right, open (or don’t open!) with caution.


Don’t compromise on your password. The ‘it couldn’t happen to me’ mentality doesn’t wash when you realise that your online accounts and assets have been compromised. Choose a password that you can remember, but it must be difficult for someone else to guess.

If you have any questions or concerns about cyber safety, particularly relating to your finances or digital business security, your accountant or bank should be the first point of call. 

If you think you have been the victim of cybercrime, you can report it on the Australian Cybercrime Online Reporting Network here.