Scams targeting small businesses

The last few years have been a difficult time for small businesses contending with big box stores and e-commerce giants. High interest rates, supply chain problems, labor shortages, and other disruptions relating to the Covid-19 pandemic have only made matters worse.. 

A recent poll found that one-third of small companies worry about going out of business in 2024. With so much to worry about, cybersecurity is at least one thing we can help you manage. 

Scammers tend to turn crises into self-serving catastrophes, and small to medium-sized businesses represent an outsized percentage of the scams and cybercrimes reported each year. 

Here are three common dangers to watch for:

  • Phishing scams: Small businesses are one of the most common targets for phishing campaigns.It’s understandable since owners and employees wear more hats at smaller operations, and may be distracted when sifting through incoming mail. Emails often deploy malware or prompt the recipient to provide sensitive information that can be used to steal money and/or customer data. Anti-phishing programs exist, but who has the time?It is mission critical to make the time to educate yourself and your employees about the danger of phishing and forms of business email compromise.
  • Phony invoices: Fraudulent invoices can be difficult to identify, and are an increasingly common strategy used by cybercriminals.

    Often using PayPal or Quickbooks to generate invoices, a fake business bills a target company–usually sending the invoice to the attention of the controller or accounts payable if that information is listed online. The recipient is less likely to question whether a payment is actually due because it comes from a known entity.

    A common strategy is for the scammer to bill a small amount of money, something that will be easy to miss, or just so small that the person looking over the bill doesn’t care. Once the “invoice” is paid, the fake business vanishes.
  • Overpayment scams: There are countless variations on the overpayment scam, but the beats are consistent: A small business does business with someone and receives a check for significantly more than what’s owed. A refund is then requested for the amount that was overpaid. After issuing the refund, the business owner finds that the original check was from a compromised and/or overdrawn account, and the scammer has made off with the difference. Worse yet, the business owner is on the hook for the amount stolen from the compromised account.

What you can do

Congratulations. By reading this article you’ve just started down the path to a safer business practice. Take some time to learn about the dangers facing small to medium enterprises today, and share what you learn with your employees. 

Consider investing in cybersecurity training; it’s an extra cost but a great expenditure since small businesses are typically less resilient than larger entities when they hit bumps in the road. 

Keeping your company safe from outside incursions is a process, not a destination. The threats out there are many, but you can keep your company safer by staying informed. 

If you’re not familiar with Adam’s 3Ms Approach to staying safer online, you can check it out here