"Of people having reset passwords where they haven't requested them, having access codes requested when they haven't asked for them ... having emails coming from what they think is their CEO or a CEO of their client asking for access or logins."
Dexter said the risk was exacerbated by the fact staff were isolated, making it difficult to verify if a request was legitimate.
"People want to be helpful, they're a bit confused, a bit scared so it's the perfect time for a hacker to reach out," she said.
"They are very sophisticated attacks ... specifically targeting an individual company, they've gone and researched you, researched your partners, looked at your website, seen what technologies you're using and then they're going in understanding those relationships, with very specific emails that look very real."
She said people could do simple things to keep themselves, and their company data, safe such as have strong passwords, not use the same password for multiple logins and update their password frequently.
"If they can compromise your email or any system that sends emails for you then they can load their own contact data and scam people from that... or to obtain data that can be utilised," Dexter said.
"There's always some financial aspect behind it, whether it's identity fraud, access to credit card details so it's about using your reputation as a good business to then scam other people."