Canberra-based business owner Aami Mills woke up to a shock one morning when she logged onto Facebook and discovered her cloth nappy brand Mimi & Co’s page had been stolen.

Hackers accessed the social media profile at 2am while she was sleeping, and in the four hours before Mills awakened, they spent $10,000 to post violent and adult content to her customers.

Worst of all, Mimi & Co would be in the spotlight that evening when Mills’ Shark Tank spot aired on Network 10, with both Showpo founder Jane Lu and Oodie founder Davie Fogarty investing.

“I couldn’t get in, and then when you go to reset your password they send an email to an address that’s someone else’s,” Mills told TND.

“It was the worst possible timing. Instead of being really excited, I was just heads down bum up trying to get everything sorted.”

Mimi & Co founder Aami Mills. Source: Supplied

Thankfully, thanks to help from her new-found investors, Mills was able to get the ads taken down before the episode aired that night, but the business owner will never forget the ordeal.

“The only way to stop them was to drain all my accounts so that once it hits a threshold there’s no money and they stop your ads,” Mills said.

“Until that point, they could just spend.”

‘You feel violated’: Hackers target small businesses 

Remarkably, Mills is not the only Shark Tank contestant whose business has been targeted by Facebook hackers amid a sharp uptick in fraud and cyber crime since the Covid-19 pandemic.

Podiatrist Thien Trinh, who founded cork insole company Stryda, has been targeted twice by Facebook hackers, and even had to replace his first page after the first time they got in.

It was a serious setback for the business, which relied on digital marketing to drive sales growth.

“The first time was pretty bad. We still haven’t been able to recover the account. It has never been resolved,” he said.

“You feel violated.

“I stayed away from social media [marketing] for a good year. It was pretty debilitating. It killed my confidence.”

Upskilling help

The government-backed Cyber Wardens program is now trying to upskill businesses on how to safeguard against hacks, with hundreds of millions being lost across the economy yearly.

“Social media accounts are also a lucrative target for cyber criminals, who cast a wide net to find businesses with weak cyber security processes,” said Luke Achterstraat, the CEO of COSBOA which is also backing the program.

“Whether you are running a retail outlet like Aami and Thien, a café or a plumbing business, a hacking incident can be devastating for a small business.

“And if you haven’t properly shored up your online security, you are a sitting duck for hackers.”

Most Australians are familiar with high-profile hacks against companies like Optus and Medibank, but there are far more taking place every day, with small business owners emerging as targets.

About 43 per cent of cyber attacks in Australia target small businesses, with average losses totalling $46,000.

Warding off hackers

Staying ready paid off for Trinh.

He managed to lock down his Facebook account after thieves tried taking it again before his Shark Tank appearance last year.

“The second time we were water tight,” he said.

“We had done the wardens certificate and were well covered.”

Mills said entrepreneurs trying to get their companies off the ground often don’t have the skills needed to ward off hackers, or the money to invest in expensive protections big business has.

“As a small business owner, cyber security isn’t something you think about. You think that because your revenue is really small that even if they hack your accounts, there’s not much there,” Mills said.

“But they target small businesses because a lot of the time they don’t have the resources to catch up.”

Trinh said business owners need to take cyber security more seriously than ever before.

“It’s so easy to make that one wrong click and trust that one email you shouldn’t that’s masked so well,” he said.