Riskemy

Online Business Scams to Avoid

Scams, online or offline, can hurt the business reputation. If you are a small business owner, you should know about the top scams and devise methods to prevent them. Here is the list of top ones:

– Fake Invoice Scam: Invoice scams are invoices for goods and services you  never ordered or received. These invoices may look genuine but are actually phony. Take the time to make sure that any invoice paid matches up to a
purchase order or packing slip before paying. Limit A/P management to one  employee that is well trained in how to close the loop.

– Company ID Theft: In this scenario, scammers are trying to steal the identity of individuals in the company. They are looking for names and job titles of key people who they can use either for fraudulent activity or to  subsequently contact directly by pretending to know them. They may also want confidential information like bank account details and other financial data. The scammers either hack the computer system or pose as officials of  a govt. department or agency and request information they say is needed for legal compliance.

– Credit Card Processing Scam: Many small businesses need to be able to accept credit card payments, which means signing up for a processing service. Telesales reps offering card processing services will try and get
you to sign up. A few of these are bogus or unlicensed companies that will sign you up and then charge exorbitant fees or simply take your money. If you need a credit card processor, do your research and talk to your bank.

– CEO Phishing Scam: This scam works as follows-a brief, casual email arrives from a top executive or even the CEO of the company from the correct email address, with nothing appearing out of sync. The request is
for the recipient to wire money to a certain account or share some other sensitive company information, such as employee payroll data. The scam often works because it plays off of certain corporate cultures; fellow executives maybe used to such informal and terse communications between one another, while a request from a CEO made to a more junior employee may not garner any questions out of a sense of obedience.

– Business Email Compromise Scam: Similar to CEO Phishing scams, the Business Email Compromise Scam targets businesses working with foreign vendors or businesses that regularly perform wire-transfer payments. The fraudster emails a phishing document to an intended victim via the address of a legitimate supplier and asks him to change the wire transfer payments of paying invoices. Once the link in the email is clicked on, it downloads malware on the computer and allows the fraudster to gain unrestricted access to personal information, including financial account data and passwords.

– Documentation and Authentication Service Scams: These scams involve such things as charging a fee for membership and accreditation with a national consumer and business review organization, calls for license renewal services, or a company charging to supply and file with state officials a document called an annual minutes records form.

Tips for Preventing Small Business Fraud:

  • Install a good firewall and anti-virus software, enforce a strong password policy and limits on who has access to your systems.
  • Never give information or allow employees to give information to someone you don’t know. Always carefully check credentials first.
  • Issue purchase order numbers for all purchases and check all invoices against the original orders.
  • Just because something looks official or genuine doesn’t mean it is. Read everything before you sign.
  • Be wary of any email requesting an urgent wire transfer. To verify its legitimacy, call the person who supposedly sent the email to verify whether it’s legitimate. The FBI says that companies should also carefully look at emails to see if they are authentic and use multi-level authentication.
  • When it comes to making payments/wire transfers, hold customer requests for international wire transfers for an additional period of time to verify the legitimacy of the request, confirm requests for transfers of funds by phone verification as part of the two-factor authentication using previously known numbers (not the numbers provided in the e-mail request), know the habits of your customers, including the details of, reasons behind, and amount of payments, and carefully scrutinize all e-mail requests for transfer of funds to determine if the requests are out of the ordinary.
  • Never assume a call requesting documentation or renewals are authentic. Some of these services are already offered for free, always check your certifications to see when renewals are due and realise many of these calls are not legitimate.
  • If you think you or your business has been scammed, call your financial institution immediately and your local FBI agency.
Comments

Ishan Mathur

From stopping hackers to getting the fastest CDN, I'm helping big and small companies choose what's best for them by building a community here.

No, no, no. You’re not supposed to look here man!