The content in this article derives from Jeff Kersten’s “How to Protect Against Scams & Frauds Targeting Small Businesses” webinar hosted by Park Bank in May of 2024. Kersten is an Outreach Specialist – Division of Trade and Consumer Protection for the Wisconsin Bureau of Consumer Protection.
Everyone is susceptible to scams; it’s just a matter of encountering the right (or wrong) communication at the worst possible moment.
In this article, we’ll explore how to shield yourself and your business from fraud.
You'll learn:
- The telltale signs of a scam
- How to avoid being duped
- Today’s most prevalent scams
- What to do if your business falls victim to fraud
Spotting The Signs
Criminals are experts at playing with peoples’ emotions; combine that with an abundance of information online, they can cleverly target individuals and businesses.
Here are the common signs of a scam:
- The criminal pretends to be someone you know and trust (e.g., a boss, coworker, vendor, or family member).
- They create sense of urgency (e.g., “Take action now or something bad will happen!”).
- They use fear and intimidation to make you panic.
“When we’re emotionally charged, we tend to not make very good decisions,” Kersten said. “A call or text could push you to panic about something … then all of a sudden, you’re going to the bank to pull out money, driving to a Bitcoin ATM, or buying gift cards to mail out.”
“It happens every day.”
In business, be cautious of conversations shifting to money and any sudden “new” payment instructions or details.
“If there’s suddenly new wire transfer instructions, a new bill that needs to be paid, or unfamiliar payment details, be cautious,” Kersten said. “That request might not be coming from a real vendor.”
Kersten recommends keeping an approved vendor list.
Avoiding A Scam
If you receive a suspicious request for money via phone, email, or text, it’s crucial to pump the brakes and verify the legitimacy of the request.
Follow these steps:
- Disconnect the call.
- Refrain from responding directly to the email or text.
- Reach out to the company or individual directly to confirm the request.
In addition:
- Keep your company’s software updated to thwart automated hacking attempts.
- Use strong and unique passwords for your online accounts and enable multi-factor authentication.
Today’s Top Scams
Fraud tactics are constantly evolving, and scammers are targeting more than just U.S. currency.
Cryptocurrency Scams
“A lot of criminals like to use cryptocurrency,” Kersten said.
The ease of purchasing cryptocurrencies, particularly Bitcoin, has increased. A quick search for “Bitcoin ATM near me” will reveal locations with machines for crypto transactions.
“In many ransomware scams targeting businesses, they’ll force the business to buy Bitcoin and give them the information over the phone,” Kersten said. “This gives the scammer a way to steal the money with little recourse for an agency like mine or law enforcement to get that money back.”
Gift Card Scam
Beware of the gift card scam in which a fraudster impersonates the "boss" and instructs an employee to purchase gift cards. The scammer may state that the gift cards are for rewarding employees and urgently request the serial numbers for immediate distribution, with a promise to reimburse the cost later. It’s a hoax.
Social Media - Imposter Accounts
It’s easy for scammers to take a screenshot of your business’s profile photo on social media and use it to create a new “imposter” account.
If this happens, Kersten recommends reaching out to the social media platform, and they will eventually shut the imposter account down.
Deepfake Scams
Artificial Intelligence (AI) has put a new twist on fraud in the form of deepfakes.
According to Kersten, criminals can replicate a person’s voice using AI after recording just three seconds of recording them speaking. They can even manipulate the Caller ID, making it appear as if you are receiving a genuine call from the person they are imitating.
On top of that, creating deepfake video has become effortless. That’s why it’s imperative you exercise caution before sharing sensitive information or making any financial transactions over an audio or video call.
Business Email Compromise
“We've all seen emails where scammers pretend to be somebody in the business in a finance or supervisory role,” Kersten said. “They’ll try to get somebody to pay an invoice to an updated mailing address or altered wire transfer instructions.”
A fundamental rule for all employees regarding email protocol is to refrain from clicking on any links unless you know exactly who sent it.
Mobile Devices
Mobile devices are a hot target for fraudsters.
“The number one text scam out there is: ‘We’re trying to deliver your package, but we have incomplete address information. Click this link to complete it,’” Kersten said. “If just one of these messages slips through and you click the link, it could compromise your devices.”
Utility Scams
During “utility scams,” fraudsters pose as a representative from your phone, internet, gas or electric company, and demand immediate payment to prevent your service from being disconnected.
Stay calm and verify the request through multiple channels. Also, consider limiting the number of people in your company who have authority to pay bills.
Too Good to Be True and Charity Scams
Beware of opportunities that seem too good to be true, whether they involve investments or job prospects. Also, make sure to stay vigilant against charity scams, as charities are exempt from “do not call list” regulations.
Ransomware Attack
In a ransomware attack, scammers can encrypt your files preventing you from accessing your devices.
Protect yourself from ransomware by:
- Arming your computers with robust antivirus protection
- Backing up your hard drives to external hard drives that aren’t connected to the network
Steps to Take After Becoming a Victim
If you fall victim to a scam, the consequences for your business can be severe:
- Financial losses
- Loss of computer system access
- Inability to conduct future business if computer access is compromised
Immediate action is crucial following an attack.
“Report it to law enforcement right away,” Kersten said. “And file a complaint with us. We’d be happy to look into it.”
Additionally, depending on the nature of the scam, you may be required to notify your customers about any potential data breaches.
Identify the warning signs. Protect yourself. Verify everything. Stop the scam.
Looking for more fraud resources?
Visit our Fraud Awareness page for information on current scams and fraud.
About Jeff Kersten: Jeff is an Outreach Specialist for the Bureau of Consumer Protection within the Wisconsin Department of Agriculture, Trade and Consumer Protection. As an Outreach Specialist, Jeff travels around the state to educate the public, businesses, and law enforcement on common scams and fraud, privacy protection, data security, identity theft, and other areas of consumer protection. Jeff has over 12 years of experience as a police officer and is a prior Consumer Projection Investigator for the Bureau of Consumer Protection.