You may think that a small business is less vulnerable since they have less to steal, but a scammer assumes that a small business is an easier mark, less equipped with software and training to deal with potential threats.
No matter how big your company is, knowing the common scams that are out there and how to deal with them can make you better prepared to face the modern business age and protect your money and your company data from theft.
Malware is a growing threat to small businesses. It most often takes the form of an email or other message containing news or offers that entice you and your employees to click on them.
These lead to often legitimate-looking websites that will ask you for information or permission to download files to your computer in order to view a video, take advantage of an offer, or see the details of an event.
This file download will be software that allows a hacker to invade your computer in order to steal your files, or see your screen’s activity. This can lead to stolen credit card information, hacked bank accounts, or leaks of company data.
To avoid this scam, advise your employees to use common sense when clicking on ads on company computers, not to accept any unsolicited downloads or offers, and to be aware of how scammers try to invade company mainframes.
The overpayment scam
This scam targets employees of companies who make sales online. It works by manipulating payment methods through refunds so they can steal from you.
It will start with a generous offer for a product or service, which the buyer will then overpay you for, either through a credit card or a check. They will apologize for the oversight or make an excuse to make their mistake sound more believable, such as the overcharge being an unnecessary coverage for shipping.
The buyer will then ask for a refund of the amount that they overpaid you through a money transfer, banking transfer, or money card. Once you do this, you will discover that you’ve been scammed because the original check or credit card payment will bounce, meaning that the overage you refunded them is gone.
Avoid this scam by training your employees to recognize when something isn’t right, such as when someone overpays for a service and then asks for a different refund method, such as a money transfer.
False billing scam
This is one of the more direct scamming methods. A scammer will send the company a fake invoice or some other kind of renewal request (such as for the domain name of a website) to be paid directly to the scammer.
This scam takes advantage of the fact that companies often have distinct departments that handle different jobs. Therefore, someone in accounting may not be aware of whether an advertising service needs to be compensated or an account renewal payment needs to be made.
When this administrator in your company receives the invoice, they will just do their job and pay it. This is why communication is essential between the departments of even a small business. Every administrator should know what activities, promotions, events, and services have been requested by the company and which need to be paid in order to avoid scams like these.
This scam begins with a personal email to an executive in the company with containing some kind of official business. This could be a customer complaint, vague information about a critical business venture, or legal information.
The goal of this scam is to acquire company data through your response to the email. This could include your passwords, confidential administrative information, financial details (they may ask you to make a purchase of some kind), or through a malware download, as discussed above.
Recognizing phishing scams means keeping up to date on what important information is real so you know what’s actually going on within the company, legally and financially, and can recognize a fake request when you see one.
Businesses today are vulnerable from information and money theft through these scams. Most of them involve taking advantage of company infrastructure by tricking untrained employees into making a refund, downloading from a link, or entering a password on a computer infected with malware that can detect and record keystrokes.
Avoiding these and other scams is a matter of employee training, awareness of the latest tactics, and common business sense.
Contact a PR company in South Africa or whatever country you ’re based in to request help on how to manage information to protect yourself and your business from scams.