Small businesses are the backbone of the American economy, but they are also prime targets for scammers. Why? Because small businesses often don’t have the time or resources to dedicate to security, leaving them vulnerable to attack. And scammers know this. They know how to exploit the vulnerabilities of small businesses, and they do so with alarming frequency. In this blog post, we will explore some of the most common scams that target small businesses. From phishing attacks to fake invoices and more, we will help you learn how to protect yourself from becoming a victim.
What is occupational fraud? Simply put, it’s when employees steal from their employers. This includes embezzlement, stealing goods, lying to investors and shareholders, and check and payment tampering. The latter — check and payment tampering — is one of the costliest occupational fraud schemes, representing about 10% of occupational fraud cases in 2021 and averaging over $100,000 in losses per incident, according to ACFE (Association of Certified Fraud Examiners, which issues an annual Report to the Nations, a global study on occupational fraud).
The Email Scam
Email scams are one of the most common types of scams that target small businesses. They can come in the form of phishing emails, which are designed to trick recipients into revealing personal or financial information, or they can be malware emails, which contain malicious attachments or links that can infect your company’s computers with malware.
Email scams are often very sophisticated and can be difficult to spot. If you’re not careful, you could easily fall victim to one of these scams. That’s why it’s important to be aware of the most common types of email scams and how to protect yourself from them.
Virtual Meeting Scams
Earlier this year (February, 2022), the FBI issued an alert about an increase in scammers using virtual meeting platforms to attempt to defraud businesses. The scammers capitalized on businesses becoming more comfortable using virtual meeting technology to conduct business when COVID shut down workplaces around the world. According to the FBI report, the scammers use virtual meeting platforms to send fake meeting invitations with links to join the meetings, then they attempt to collect personal information.
The Invoice Scam
Small businesses are often targeted by scammers who try to get them to pay for fake invoices. This scam usually starts with the scammer contacting the business and pretending to be a supplier or other vendor. They will then send an invoice for goods or services that the business doesn’t actually owe. If the business pays the invoice, the money is simply taken by the scammer with no goods or services being delivered.
To avoid this scam, businesses should be careful when paying invoices. Additionally, only do so after verifying that they actually owe the money. They should also contact suppliers directly to ask about invoices that they’re unsure about, rather than simply paying them without checking first. If you think you may have been a victim of this scam, contact your local law enforcement agency immediately.
The Data Breach Scam
Data breaches are becoming more and more common, and scammers are taking advantage of this by targeting small businesses. They will send an email or call pretending to be from a well-known company like Microsoft or Google. They’ll say that there has been a data breach and they need your login information to help fix it. Do not fall for this scam! These companies will never contact you out of the blue like this, and if you do give them your login information, they will have access to all of your sensitive data. If you receive one of these calls or emails, hang up or delete it immediately.
How to Protect Your Business from Scams
- Do your due diligence when hiring, especially if you employ a remote workforce.
- Use multi-step verification for employees who access financial information and instruments.
- When using paper checks, use watermarked checks to prevent forgery, counterfeiting and photocopying. Even in a day when digital money transfers are usurping paper checks, one forged check could cost you thousands of dollars or more.
- Use security software. In this post, we explain VPN blockers, wireless hotspots, password managers, and multi-factor authentication. This can be easily implemented and maintained either by your in-house IT team or someone who’s been vetted to manage cybersecurity risks.
- Require employees to change passwords regularly.
- Use a highly secure cloud-based storage system such as OneDrive or Google Drive to store and share documents. Use permission limitations and two-factor authentication to sign in and access folders and files.
- Don’t allow BYOD (bring your own device) in the workplace. If you do allow BYOD, you have the right to require employees to use antivirus and cybersecurity protection measures before connecting to your organization’s servers.
As a small business owner, it’s important to be aware of the common scams that target businesses like yours. By familiarizing yourself with these scams, you can protect yourself and your business from becoming victims. Remember to always be vigilant and if something seems too good to be true, it probably is. If you have any doubts, don’t hesitate to consult with a trusted advisor or legal professional.