Safeguarding your Business from Scams
Scams can impact every business no matter your industry, size, or location, and businesses like yours, right here in our own communities, are no exception.
For example, we've received recent reports of fraudsters posing as merchant service representatives stating customers have been improperly charged for their services. These information thieves request copies of merchant processing statements promising to review and adjust pricing; however, they are only after your business's account and transaction information found on these statements in an attempt to further their scam efforts.
Fortunately, knowledge is the best protection for you and your business. In addition to fraud attempts like this, below are some common business scams and tips to help avoid them.
Business Email Compromise (BEC) scams are targeted spear-phishing attacks that, according to the FBI, are some of the most common and costly scams for businesses. In BEC scams, criminals send email messages that appear to come from a trusted, known source - your boss, a coworker, vendor, or government agency in an attempt to make their requests seem legitimate. These emails often direct the recipients to wire money, open malicious documents or links, send sensitive files, and more all in an attempt to steal money and/or valuable information.
In addition to Business Email Compromise, there are many other phishing attempts that take place every day - these can come in the form of emails, text messages, or even phone calls. Most phishing attempts want you to click on malicious links or attachments that can contain viruses, direct you to forms to capture your personal or business information, or attempt to get you to reveal bank account or credit card information.
Watch out for phony invoices requesting payment for products or services never ordered or received. The most common scams involve office supplies, website or domain hosting services, directory listings, and employment or other ads. Look at the fine print on these offers, which often indicate they are not actual invoices but rather solicitations.
Just like the recent merchant services scam discussed above, most of these scams start with a phone call from someone pretending to be from a reputable company that you do business with claiming you owe them money, have overpaid them, or have been improperly charged. Sometimes they will even state they have a surplus, special, or other discount to offer - if only you provide them your company's bank account information to take the next step.
While most donation requests are likely legitimate, there are con artists who attempt to use your company's generosity to make gifts to fake charities or causes. Some even use real charitable organizations' names but divert donations to their own pockets. Although they can happen at any time, these scams are most common after natural disasters or other national or global events occur.
Payroll diversion scams are a type of phishing scam where criminals will send fake emails to or call HR representatives requesting a change to an employee's bank account information. They gather information on the victim to successfully impersonate them and convince the HR representatives to reroute direct deposits and other forms of payment.
One thing most of these scams have in common is that they almost always involve fraudsters claiming to be someone else, often from a person or business you know and trust. They may also pretend to be a representative of a government agency (the IRS is a favorite claim). Tactics can include fear or other emotional appeals, and many times there is pressure to act quickly. To help you spot these scams and to keep yourself and your business from becoming a victim, follow the tips below:
- Good Record Retention- Keep documentation of all orders and purchases. This will help you to detect bogus accounts and invoices.
- Strong Payment Procedures- Establish payment authorization procedures, including a multi-person approval process for transactions above a certain dollar amounts.
- Payment Method Red Flags- Wire transfers, pre-paid debit cards, and gift cards are scammers’ preferred methods of payment. Always confirm that any requests for payment with untraceable methods such as these are verified by an authorized source. Also, try to pay with a company check; this way, a paper trail has been created.
- Verify Vendors- Make sure that the business billing you is a business you’re familiar with and normally do business with. If not, question it. Get the name of the person you speak with, the company name, address, phone, and website.
- Take Care with what you Share- Do not give out information about your business unless you know what the information will be used for. Never provide personal information or financial details to anyone you don’t know.
- Protect your Network and Devices- Make sure you have proper, updated network and computer protection software and a firewall. Educate employees not to click on links or attachments inside unsolicited e-mails that could spread malicious software or viruses. Encourage your employees to use complex passwords and change them regularly. Require multi-factor authentication whenever possible.
- Educate Your Employees- If your employees and coworkers know about scams, they’ll be more likely to spot them too. Share awareness education and your business's policies and procedures to help keep them informed and up to date. Make sure they understand how cyberattacks can damage businesses and that they have a responsibility to utilize the protective measures you set for them.
- Report any Concerns- If you suspect you may have fallen victim to any type of scam, please notify us as soon as possible so we can help you take steps to protect your accounts from any unauthorized activity. Delays can be costly, so never hesitate to contact us, even if you are not sure. It's always better to be safe than sorry. Call your Banker or our E-Services team at 217-438-4101, or toll-free at 855-822-5880 Monday-Friday 7:00am-6:00pm and Saturdays 8:00am-12:00pm.