Small business owners today face business scams from well-trained, tech-savvy criminals who often operate from countries beyond the reach of the law. With the current technology, it’s easy to copy or modify letterheads, create fake websites, or obtain business details such as your name and address through public listings, or from your website.
Scammers use their knowledge of small business practices to fraudulently persuade businesses to pay for services never performed, or for products never delivered. The scammers use a number of different techniques which include sending phony invoices for items never ordered; offers for non-existent office supplies; using prizes as an inducement to sell overpriced office equipment and supplies; and sending fake Yellow Page advertisement renewal forms, which are actually contracts for advertisements in other directories.
Scammers may also send out spam [unsolicited emails] requesting that you update your banking details through a link in the email.
Scammers will go to great lengths in business scams to convince you their offers or documents are genuine. They target small business owners because they usually lack the time and resources to fight fraud.
You receive an account for a directory listing or for the placement of advertising. You pay it, not realising that the directory or magazine is either non-existent, or is printed solely for the purpose of the scam. You may find the invoice has been designed to look like an invoice from a major media company. Scammers may also phone to confirm details of an advertising order, but then try to confuse your staff by referencing a genuine advertisement you have placed before.
A variation on this approach is that you may be offered free advertising, but in fact the order also covers further entries that must be paid.
If you think the publication is a legitimate one and that you may have authorised an entry, ask for proof of its existence. Try to also keep written records of any authorisations for advertising or directory listings so you can go back to your records to check it.
You do not have to pay for any directory listing that you did not authorise in writing.
Businesses often fall for this scam because they are being invoiced for items they buy regularly such as photocopy paper, printing supplies, maintenance supplies or advertising, which is why it is important to ensure you only use suppliers you know and trust. If an order is placed, the products may either be overpriced with poor quality, or not delivered at all.
A domain name is the business internet address people use to get to a website such as www.YourBusiness.com. The domain name must be renewed regularly at intervals you choose, such as annually or every couple of years.
Domain name renewal scams can be one of two main types. You may be sent an invoice for a domain name that is very similar sounding to your current domain name, with the scammer hoping that you don’t notice the difference and just pay the invoice.
You may also be sent a letter that looks like a renewal notice for your actual domain name, but is from a different company to the one you previously used to register your domain name.
Avoid this scam by checking that the domain name listed in the invoice is the same as your actual domain name. If it is the same, also make sure that the invoice is from the company who you have previously used to register your domain name.
A variation to this scam occurs when business owners receive unsolicited letters/emails that may appear to be trade mark, patent and/or renewal invoices. If you own a registered patent and/or trade mark, you may find yourself the target of letters/emails regarding overseas registration of your application.
If you are unfamiliar with the organisation, especially letters/emails requesting payment for unsolicited services, you should treat the request with extreme caution.
A business opportunity scam offers you a way to make a lot of money quickly, and may come to you through a spam email, a phone call (telemarketing) or a letter.
These scams are similar to computer prediction software, pyramid schemes, work from home scams and chain letters. The scam usually works by requesting you to make an upfront payment (for something that does not work or is not what you expected), getting you to accept money into your bank account for fake charities or businesses, paying for a ‘system’ to make money which doesn’t work as it is supposed to, or recruiting other people to the scheme (pyramid schemes).
The only people who make money in the get-rich-quick schemes are the scammers. Do not agree to transfer money for someone else (money laundering) as it is illegal. Also be wary of any job offers that require you to pay an upfront fee.
Remember, before you respond to a business opportunity advertisement, ask yourself why somebody you don’t know would offer you this opportunity. If someone had a guaranteed way of making a lot of money, why would they share it with you?
Always investigate money-making schemes very carefully before parting with your money. Take time to seek independent legal or other professional advice.
An overpayment scam starts when a scammer makes contact with a business to purchase goods or services. They send payment using a check [or sometimes a stolen credit card] for more than the agreed price. The scammer then asks for a refund for the overpayment, or to send the overpayment to their freight company [part of the scam] before you discover that the check has bounced or the credit card was stolen. Often, the businesses are asked to send the goods to a third party, who will in turn send them to the scammers.
Always send overpayment checks back and ask for the correct amount, and don’t send goods until the check has cleared. Be wary of orders with new customers that are required ‘urgently’.
The damaged goods scam is common to the restaurant industry, and is now starting to surface in other businesses. The scam begins with an individual calling or writing to your business falsely claiming that a member of your staff has damaged their clothing, jewellery automobile, or other item. The scammer encloses a bill and requests reimbursement to repair the damaged item.
If you receive this type of request, ask for the time, date, and location where the damage occurred. Ask the person to describe the staff member responsible for damaging the items and be sure to examine the supposedly damaged items.
A phishing scam is the process of attempting to get sensitive information such as credit card details, usernames and passwords by pretending to be a trustworthy organisation.
Phishing e-mail messages can take a number of forms. They might appear to come from your online bank or financial institution, auction sites such as eBay, online payment processors such as PayPal, a company you regularly do business with, or from your social networking site such as YouTube or Facebook.
Phishing scams are usually carried out by email or instant messaging, and direct you to a fake website where you enter personal details. The fake website will look similar or identical to the legitimate website.
In order to trick you into revealing your personal details, the message might include phrases like "confirm billing information" or "verify your account" or "update your credit card information" or "If you don't respond within 48 hours your account will be closed".
These are examples of messages you may receive:
"We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity."
"During our regular verification of accounts, we couldn't verify your information. Please click here to update and verify your information."
The messages convey a sense of urgency so that you will respond immediately without thinking. The message might even claim that your quick response is required because your account has been compromised.
To avoid this scam, be suspicious of any emails with urgent requests for personal or financial information, especially if they have exciting or upsetting information designed to get you to respond urgently.
Don't reply to email or pop-up messages that ask for personal or financial information, and don't click on links in the message. Don't cut and paste a link from the message into your Web browser because phishers can make links look like they go one place, but that actually send you to a different site.
Always ensure that you are using a secure website when submitting credit card or other sensitive information via your web browser. Phishers are now able to forge both the https:// that you normally see when you are on a secure Web server, and also a legitimate looking address.
Make sure you enter the address of any banking, shopping, or financial transaction website yourself and don't use displayed links. Phishers can also forge the yellow lock you would normally see near the bottom of your screen on a secure site. The lock used to be an indicator of a 'safe' site. When the lock is double-clicked, it displays the security certificate for the site. If you get any warnings that the address of the site you have displayed does not match the certificate, don't proceed.
Staying one step ahead of the scammers is critical for all small business owners. To achieve this generally means taking a cautious approach on fax, phone and e-mail orders and offers, as well as making sure you've got the money in the bank before parting with your goods or services.
Develop a formal anti-fraud policy on business scams, and ensure your workers receive education/attend a course about the most common types of scams against small businesses.
Remember, if something sounds too good to be true, it usually is.