Email and online payment systems are just a few of the tools small businesses use to increase efficiency when working with employees, customers, and vendors. But each time you send an email or log in to an online account, you may be exposing your business to a cyberattack.
Criminals can use these tools against you to steal money or gain access to private information. This could threaten daily operations, business longevity, and break customer trust that may have taken years to build. The potential for lasting harm is real.
You can help prevent business fraud when you know about the latest cybersecurity scams and tactics.
What is a cybersecurity scam?
A cybersecurity scam occurs when someone uses people or technology to gain unauthorized access to a computer or computer system. Their goal is to find information that will help them log into bank accounts or steal the identity of an employee or customer.
Common business cybersecurity scams
Many business owners think they could never be tricked. The truth is, it’s easier to become a victim of a cybersecurity scam than you think. But when you and your employees are aware of these common scams, you’re more likely to be able to stop them in their tracks.
Fake invoice scam
The criminal creates an invoice for the types of products or services used by your business. They hope that your accounting department just pays these bills without confirming they’re real, and that no one will realize that the items weren’t ordered or received, or that the payment is going to the wrong location.
Office supply scam
You receive an email or phone call to verify your address or offer you a free catalog or product sample. Soon, products you never ordered arrive at your business, along with high-pressure demands to pay for them. This scam typically involves office supplies, but it can happen with any product.
A person, email, or direct mail solicitation claims to have the secret to gaining new customers at little cost. Fraudsters try to convince you to pay for advertising that never happens, or a listing in some type of business directory that doesn’t exist.
Company or agency imposter scam
A person calls you and pretends to work with your utility company or a local government agency. These scams often pressure you to immediately pay fake past due charges, taxes, or licensing fees to avoid negative action against you or your business.
Tech support scam
Pop-up ads are annoying for everyone who uses a computer. But a pop-up warning on your computer screen can sometimes cause people to panic. It’s easy to take the bait when one appears with the name of a well-known technology company claiming there’s an issue with your computer’s operating system. Clicking on a link in that warning message often results in malicious software being installed on the computer, which scans the system for sensitive data.
Fake check scam
This scam varies, but one of the most common variations is an “accidental” overpayment made by check. A person posing as a customer pays more than you’re owed, and then asks you to send the refund to someone else. They count on you to promptly refund the money before your bank realizes the check they sent you was fake. You never collect on the fake check, and you’re out the money you refunded.
In one popular scheme, scammers use emails, text messages, or phone calls that appear to be from a trusted person within your company. Emails and phone numbers are spoofed, which means they look like they come from a co-worker or supervisor — but they don’t. The person then tries to convince employees that their request for a wire transfer or release of sensitive information is legitimate and needs to be immediately fulfilled.
Common cybersecurity scam tactics
Scammers may combine one or more of these common tactics to trick unsuspecting businesses.
- Pretending to be from a well-known company or organization
- Stressing urgency and inciting panic so you do what they demand
- Threatening harm to you, your family, employees, or business
- Business owners who are aware of these tactics can implement systems and training programs to help prevent cyberattacks.
How can I protect my business from cybersecurity scams?
Educating staff about these and other cybersecurity scams is crucial to protecting your business from fraudulent activity. Once your team is aware of these common scams, they should always stop and consider requests for payment or company information — especially urgent requests. Learn more about how to protect your business account when you speak with a Bank of Missouri Relationship Manager. Call us at 888-547-6541.