Australia

Don’t Let Scammers Take Your Business for a Ride

Posted by Neil
Mar 8, 2017

Don't Let ScammersFrom fake emails to phony invoices, scammers keep dreaming up new ways to rip off small businesses.

Online scams were much easier to spot back in the days when they tended to make offers that were clearly too good to be true. It’s not hard to guess that you didn’t really win the French Lottery, and that a foreign diplomat doesn’t really need your help to smuggle gold out of a war-torn country.

These scams typically ask for a small payment up front, allegedly to expedite the paperwork or bribe a few border guards, but then the scammer pockets your up-front payment and leaves you in the lurch.

Unfortunately, scammers can be a lot more cunning when it comes to tricking businesses into handing over their money. Some business scams are simply designed to fool you into parting with some cash, while others aim to infect your computer with CryptoLocker ransomware and then demand payment for the return of your precious business files.

Rather than appearing too good to be true, business scams aim to look too boring to be fake, hoping that you won’t give them a second thought until it’s too late. That makes them harder to spot, but a healthy skepticism is your best line of defence.

Bogus invoices are a mainstay of business scams, such as charging you for goods like office stationery and printer supplies that you never agreed to buy and perhaps never even received. The scammer is hoping that an official-looking invoice for a reasonable amount will slip through your payments process without raising any eyebrows. If it does, they’ll keep sending invoices month after month, hoping you’ll never catch on.

The best defence against such scams is to centralise your payments process, ensuring invoices are only handled by authorised personnel who are across the business’ finances and are trained to spot the fakes. You might also introduce extra business processes, such as issuing purchase orders and vendor numbers, to help authenticate transactions.

Meanwhile, ransomware also aims to fool you with innocent-looking emails, but the idea is to trick you into opening an attachment or clicking on a link. This infects your computer with malware, which encrypts the contents of your hard drive and perhaps even spreads to other machines throughout the business. At this point the scammers demand money in return for the password to unlock your files.

Ransomware can be disguised as anything from a notification of a missed courier delivery to a warning about an unpaid electricity bill, threatening to cut the power if you don’t pay the attached invoice. The story varies, but the aim is always the same: hoping you’ll click on that attachment or link without a second thought.

Once again, the best line of defence against ransomware attacks is a healthy sense of paranoia, assuming anything that smells even slightly fishy almost certainly is. Often you can pick these scams by the fact that they don’t come from one of your usual service providers, such as the wrong bank, or the fact the sender’s email address doesn’t match up with the business name.

If you’re concerned it might be a legitimate email, because it claims to come from one of your actual service providers, the best course of action is to pick up the phone and call them. Don’t trust any phone numbers listed in the email; instead, look up the number in the phone directory and go through the main switchboard.

Your last line of defence against ransomware is a robust backup system, which ensures you can recover your files without giving into ransom demands.

Scammers see small businesses as easy targets, but with these few simple security precautions you can toughen up your defences to ensure you don’t get taken for a ride.

Comments are closed.