Blog | Avoiding Small Business Scams
Avoiding Small Business Scams
Small businesses are known to be targeted by scammers. But sometimes it’s hard to notice if it’s a scam in advance. To help small business owners, here are some types of fraud and tips on how to avoid fraud:
Tech Support Scam: This is when your computer may freeze and display a message that your computer could be infected, it will you a contact number or email to help solve your problem. Someone may also call your office, claiming that your computer system has been compromised and offer to help you with online repair.
- How it works: If you call the number, the person you first speak to may try to get some financial information (which they can use for identity theft), or may seek to get remote access to your computer, here they can put ransomware on your computer and get information that way.
- What you can do: Do not click on anything and do not call the scammer. Hang up if someone calls your office with this topic. If your screen does freeze, reboot the system and see if that eliminates your problem. In an extreme case, call a professional technician to help clean any malware on your computer.
Directory Scam: This is a scam that’s been happening for years!
- How it works: The scammer will contact your company claiming that your company agreed to purchase an expensive yellow page directory listing or other listing in a directory. The scammer will present a fraudulent invoice for an inflated sum, demanding payment, and will then threaten to ruin the company’s credit record if payment is not given.
- What to do: Do not pay! You are not obligated to pay for any services you did not order. File a complaint if a fraudulent debt is reported to credit reporting agencies or a debt collector. Be sure to dispute the claim immediately in writing. Other ways to protect your business from this scam is to train your staff to be aware of these types of scams, don’t give out information about your business unless you know how it will be used, and never agree to anything over the phone – always get it in writing.
Zero-Day Threats: If you don’t know something exists, it can be hard to protect yourself against it. Zero-Day threats is a technical term for cyber threats that capitalize on previously unidentified software vulnerabilities.
- How it works: Developers are skilled at creating “patches” of code to correct vulnerabilities in their software once there’s been one found. But cyber hackers are quick in searching out new vulnerabilities. The time between a hacker spotting a new weakness and the developer putting in a fix code, is when the business is most vulnerable. During this period, cyber hackers will capitalize on your vulnerability by writing malware and distributing it through websites and emails that include fraudulent links or attachments. The consequences of an attack can vary, but they typically include disruption in business operations, identity thefts, financial loss, and compromised or destroyed data.
- What you can do: Although it’s impossible to completely eliminate this threat, there are steps you can take to increase digital protection against zero-day threats: install, maintain and monitor firewall, use professional-grade anti-malware software on all devices attached to your network, keep computer systems updated with latest security patches, create strong passwords, limit administrative rights on computers to necessary users, and educate your team. A key to small business cybersecurity is to do a thorough backup.
Check Scams: These solicitations usually look like bills, invoices, account statements, flyers or brochures. Some businesses may get something that looks like a rebate or refund cheque and there’s a strong possibility that this could be a scam.
- What you can do: Read the fine print carefully. Companies that cash the check may be agreeing to get billed monthly for products or services that are unwanted or unneeded. Know who you’re dealing with and never give money out to strangers. Don’t deposit it, report it! If you believe you have been a victim of a scam or are currently being solicited by a scam artist, contact your local police department.
Phony Business Debt Collector:
- How it Works: A company wrongly claims to offer debt collection services for small businesses, and demands an advance fee for their services. The service is never provided and the collector is usually not available to be contacted again.
- What you can do: Always check on the background of debt collectors and check any required licensing before doing business with them.
Toner/Office Supply Scam:
- How it works: Usually involves a series of phone calls in the hopes of finding a new employee or temp who will give up information easily. The caller will pose as a vendor for the company or a survey taker. The caller will ask the employee to read the make and model number off the nearest printer. The employee will usually comply since this seems harmless. After the initial phone call, the con artist will call again to give a tempting offer on toner cartridges that fit the printers perfectly. The vendor will get agreement from the employee and authorize the sale. The delivery results in cartridges that contain far less units than expected, or individual cartridges. The company then receives invoices for products they didn’t order.
- What you can do: You’re not obligated to pay for bills for products or services that you didn’t order. Let employees know who should be the ones making orders and who to contact. Assign designated employees for all purchases, and if you suspect an office supply scam report it right away.
Scams using the Google brand name:
- How it works: The scammer calls, texts or emails to claim that money is needed to correct a problem with a Google related service.
- What you can do: Don’t fall for it. Communicate directly with your service provider with a contact address or number you’re familiar with. Do not deal with strangers.
Phishing messages with text messaging:
People have been reporting scammers getting in touch through text messages.
- What you can do: Be careful and do not click on messages that come from unfamiliar people.