Many of the internet scams designed to fleece individuals are easily adapted or refined to target businesses.
Businesses have always been a lucrative source of income for thieves like fraudsters, and as the digital age has progressed, so have methods of deception that combine new tech with old tricks.
And less-sophisticated small businesses are often regarded by cyber crooks as a soft target.
However, you can still foil internet con-artists by ensuring you and your employees understand how the most common scams work and the importance of being constantly on the alert.
It’s also crucial to realize that online fraud often begins offline – typically via a letter in the mail or a phone call out of the blue that throws you off guard and makes you more vulnerable to believing that an imposter is the real.
The coronavirus crisis sparked a new wave of online deception, but these types of scams have been around a lot longer than COVID-19 and will be around a long time after fears over the pandemic ease.
So it’s critical to remain on your guard against online hustlers who target businesses through swindles like:
- Tech support scamsBank account takeovers
- Directory scams
- Advance-fee fraud
Tech Support Scams
Tech support scams start with a phone call or a pop-up message on your computer purporting to be from a well-known company like Microsoft or your internet service provider. In many cases with these scams, the simple truth is that companies like Microsoft, Google, or Apple are not going to call you out of the blue. They will only call you in response to a call you have initiated.
For the tech support scam, the fraudsters warn you they’ve discovered a major problem with your computer security and may show you “evidence” that your system has been hacked.
Sometimes, this con trick is aimed at getting payment for fixing a non-existent issue. In other cases, the scammers are trying to persuade you to give them access to your computer via a system such as TeamViewer.
If they do get inside your computer, they can install malware, including ransomware, and/or access your passwords and customer records and credit card information.
They can even take control of your bank account and authorize payments to themselves that are extremely difficult to get back.
How to Foil Tech Support Scams
You can stop a tech support scammer in their tracks by ignoring:
- An unexpected’ phone call frthere’sone claiming there’s a problem with your computer.
- Pop-up messages on your screen that ask you to call a specific number.
Before giving” an outsider control of your computer, always confirm they are genuine – such as a member of your internet service provider’s tech support team. Instead of responding immediately during the call, ask them for a number where you can call them back. You can also ask them to confirm that they work directly with Microsoft and listen carefully to their answer. Any legitimate call representative will provide the information and not pressure you to stay on the phone.
If a tech support scammer contacts you, report them to the Federal Trade Commission, which can use the information to build cases against these types of fraudsters.
If you think there may be a problem with your computer, update your security software and run a scan. If you need help fixing a problem, go to someone you know and trust.
Bank Account Takeovers
A bank account takeover may be triggered by a tech support scam or other means of installing malicious software on your computer – via a fake email or website, for instance.
A typical ploy uses a keystroke-logging system to discover passwords for online banking accounts and then make withdrawals.
According to the Cyber-Fraud and Financial Crimes Section of the Federal Deposit Insurance Corporation (FDIC), bank account takeover is “the most common and dangerous scam for small businesses.”
How to prevent a bank account takeover
You can help to safeguard your business against bank account takeover by:
- Monitoring your bank accounts daily for unauthorized electronic transfers.
- Asking your bank about anti-fraud alerts they may offer.
- Not using a public Wi-Fi connection for banking.
- Using a different, secure password for each of your bank accounts.
- Don’t click on any email attachments you weren’t expecting, even those from your contacts, especially ones with no explanatory text.
Cyber scammers use phishing emails to trick businesses into revealing sensitive or confidential information like bank details, credit card numbers, and passwords.
The email link will take you to a bogus website designed to steal your account information and your money.
A phishing email may also be aimed at encrypting critical files on your system and then demanding payment to make your data accessible.
Some phishing emails have no technical component and are “social engineering” efforts where they appear reasonable and trustworthy to get you to respond directly. If the sender earns your trust, they don’t need to employ a deceptive website to gather your information. You unknowingly send it directly to them.
How to Avoid Phishing Scams
You can foil phishing scammers by:
- Being wary of any email requesting information.
- Looking out for the grammatical errors and spelling mistakes that are typical in phishing emails.
- Not clicking on suspicious links or attachments (like the one pictured here).
- Bearing in mind that a reputable bank or other financial organization will never email you to update your details.
- Ensuring your anti-virus software and firewalls and are up to date.
- Send a new email to your contact or call them to confirm they sent the original suspect email.
Hustlers running directory scams aim to get you to pay for an online business listing that is worthless, or the directory may not even exist.
They may have a genuine company registration and official-sounding contact details like Domain Listings LLC, the subject of many complaints to the Better Business Bureau.
This type of scam (pictured) appears to be prevalent in Connecticut – several of my Research Department clients have been targeted.
Other directory scammers go to great lengths to avoid being detected. They’ll use disposable email accounts from free internet email services.
How to Prevent Directory Scams
Directory scams can be avoided by:
- Making sure that your staff who process invoices are aware of these scams.
- Checking out the company online – use a search term consisting of the name of the company followed by the word “scam.”
- Getting a private domain name listing.
- Keep a list of all your online accounts, so you know where your company domains/URLs are registered and when they renew. Log into that account to check your payment and contact information is current. You can also consider making your information private, which is usually an additional charge but can be worth it.
The advance-fee scam may target business owners because fraudsters believe they have access to plenty of capital.
These scams originated as letters in the mail but are now more likely to land in your email inbox.
Typical advance-fee scams include:
- The Nigerian (419) Scam. In the 419 scam – named for the 419 section of the Nigerian Criminal Code on fraud – swindlers offer to pay you handsomely to help them transfer large sums of money to U.S. banks. All they ask for at this stage is a relatively small upfront payment from you. If you fall for this scam, the fraudsters will then always find ways to get more and more of your hard-earned cash.
- The Spanish Lottery Scam. Congratulations – you’ve just won a life-changing amount of money in a foreign lottery you’ve never played! All you have to do is pay the Spanish taxes first. If you take the bait, the hustlers are likely to ask you to “cover other expenses” until they milk you dry, just like the Nigerian scam.
How to beat Advance-Fee Scammers
Advance-fee scammers can easily be thwarted by using common sense and simply ignoring them. Also, bear in mind that:
- There are many variations on the Nigerian Scam and the Spanish Lottery Scam that don’t originate in Nigeria or Spain.
- If you’ve really won something, you shouldn’t have to pay anything to collect your prize.
- You can’t win a lottery you didn’t enter.
- Advance-fee fraud can open the door to future ID theft.
Measures to Thwart Online Scams Can Improve Your Overall Business Efficiency
Taking steps to safeguard your business against internet scams can also help to make your enterprise more efficient.
For example, keeping a close eye on your expenses will help prevent fraud like directory scams and make you more financially aware and enables you to better control costs through careful monitoring of cash flow.
Another good business practice is maintaining a list of your online accounts, with details such as user name and password, and checking it regularly. This will enable you to ensure you’re using different passwords. If someone discovers your password for one account, they can access all your accounts with the same password. Tools like 1Password, LastPass, and Dashlane can help you manage and generate passwords, so you always have up-to-date information.
It’s also advisable to check the email addresses these accounts are linked to at least once a year. This will avoid problems that can arise from failing to be aware of essential notifications sent to an inbox you no longer check – issues such as unwittingly allowing the domain of your core business website to expire.
And don’t forget to update your online credit card details when you’re issued with a new card if your existing card has been compromised. If another business can’t bill your account and you miss the alerts, it can severely impact the running of your company as you lose vital website domains, emails accounts, and hosting services.
How to Recognize Tactics Used by Internet Scammers
Some internet scams that target businesses can be foiled by applying logic and common sense to the situation, while others may be more sophisticated.
Scammers tend to work with tried and tested formulae and being aware of their tactics dramatically increases your chances of recognizing attempted fraud before it can harm your business.
Internet fraudsters typically:
- Try to rush you into a course of action.
- Use intimidation like threatening to disable your internet connection.
- Request payments that are virtually impossible to stop or track – such as Western Union or MoneyGram – or ask for gift cards like Google Play or iTunes.
Fraudsters continuously fine-tune their online scams and often operate within highly efficient criminal set-ups. To give you an idea of the scope of cyber crooks, Comparitech, a company that helps people evaluate tech services, lists more than 70 internet scams.
The reach and diversity of internet scammers make it imperative to always be on the alert to protect your business from swindlers plying their vile trade in the digital space.