Fraudulent activity (and its prevention) is just as much a part of your business as your employees’ payrolls or other business functions. No occupation or industry is immune to this negative aspect of the business world. When fraud takes place, it affects more than just your company’s bottom line. In addition, a small business bears the direct brunt of fraudulent activity because of having to pay for downtime, legal fees, and IT resources.
At the point where the financial damage is done, a company must find a way to pick itself up and move forward (perhaps a little wiser due to its experience with fraudulent activity). An excellent way for companies to fight back against fraudulent activity is to learn how to identify a potential scam and how to stop that fraudulent activity before it has a chance to start.
Take a look at these recent scam examples that businesses might experience, and the practical solutions to eliminate the situations from an organization.
Business Email Compromise
Business email compromise (BEC) is a sophisticated scam that targets companies working with mobile suppliers or that make frequent wire transfers. Using social engineering or computer hacking, scammers obtain a legitimate business email address and conduct an unauthorized transfer of funds.
Unfortunately, this type of scam isn’t caught until the funds have been transferred. The criminals use seemingly legitimate phishing or pretexting scams that make the victims feel pressured to act immediately.
BEC scams continue to be prevalent, and scammers are evolving and attacking businesses of all sizes. This type of scam has been reported in all 50 states and 79 counties, and the exposed loss from BEC scams totaled over $1.2 billion.
Since BEC scams seem to be an effective method for criminals, awareness and prevention are key to avoiding something like this happening to your business. Many of the transfer requests are made with a sense of urgency, so holding any international wire transfers for a period will give you time to determine the legitimacy of the request. Some other proven methods of protection are:
- Register all company domains that are slightly different than the actual company domain.
- Use a two-factor authentication for verifying fund transfer requests, and never use the phone number in the email as a form of verification.
- Know the habits of your customers, such as details of, reason for, and amount of payments.
- Keep employees educated with Phishing Awareness Training.
Consumer Complaint Notification from the FTC
Your business may rely on positive customer reviews, so receiving a notification that a customer has made a complaint against your business can be a big deal. Scammers use an email that looks like it comes from the FTC notifying you that a consumer has filed a complaint claiming your business violated the Consumer Credit Protection Act and asking you to follow a link.
These types of emails were first reported to the FTC back in 2014, but they’ve recently made a reappearance. Most savvy employees and business owners recognize the emails as fake, but if you don’t and click the link provided, you could install malware on your computer that might cause your device to crash or allow information to be stolen.
The easiest way to prevent damage from this scam is not to open emails like this in the first place. If the email does get opened, don’t click the link or open any attachments. If you’re unsure of the legitimacy, look up the phone number of the agency and contact them directly.
The FBI’s Internet Crime Complaint Center reports that ransomware schemes are continuing to spread and infect devices across the globe. Targeting both individuals and businesses, the problem begins when an infected advertisement or link is clicked, an email is opened, or an infected website is visited. Once the device is infected with ransomware, files become encrypted and the person or company must pay a “ransom” fee, usually via Bitcoin, to gain access to the files again.
In a year’s time, 992 victims reported CryptoWall-related ransomware schemes with losses totaling over $18 million.
To protect your business:
- Always use antivirus software and a firewall.
- Enable pop-up blockers.
- Regularly backup your data.
How to Protect Your Company
Knowledge is power. In the case of protecting your company from scam artists and the fraudulent activity involved, you never can have too much power. The best line of defense you can present against scam artists is a united front.
Consider setting up a training seminar for your staff with Global Learning Systems. It will get everyone operating on the same page when it comes to protecting your company against fraudulent activity. A refresher course in Ethics Training for the office will work to provide protection as well.
Be proactive in your interactions with people outside your organization. Any attempt to solicit money from you should be verifiable if necessary. Verify anything that feels fraudulent with your bank or other financial institution as a means of protecting yourself and your business for years to come.