Dr. Paul Weber from Curtin University and Australian Competition and Consumer Commission (ACCC) Deputy Chair Michael Schaper details new sophisticated scams that target small businesses.
Business Identity Theft
The scammer gains access to the business or supplier's account, then waits for a big transaction. When the supplier asks the business to transfer a large sum of money to a specific account, the scammer intercepts the email. They use the exact same information but change the account number, then forward the email to the business' inbox.The unsuspecting business ends up paying the money to the scammers account, thinking that it was the supplier. By the time both parties have figured out what happened, the money already went to the wrong account and couldn't be recovered.
According to Weber, businesses aren't generally protected from this scam because banks are busy defending consumers from similar attacks. Scammers learn how to mimic a business' behaviour so the victim wouldn't suspect a thing.
Weber suggests for businesses to have “separate independent contact with all electronic transaction requests.”
Online Shopping
The scammer buys a product using a stolen credit card, then claims they “overpaid” the business. The scammer would then asks for a “refund” and hope that they get the transfer before the business discovers that the original payment was a fake.Fortunately, the conversion rate of this type of scam has dropped to nearly 37 per cent in 2012 according to ACCC. Schaper advises small businesses to keep their firewalls up to date, offer multiple payment channels, and install a verifiable online security system.
Social Media
Scammers use public information from social media to impersonate businesses and individuals. They can hack into a Facebook account and monitor their activity, waiting for the opportunity to set-up a scheme. For example, a business owner leaves a message that he's going away for a vacation. The scammer then uses this as an excuse, sending a message to his family and friends that he's stuck somewhere overseas and needs financial help.Small businesses should have a social media policy at the workplace. Staff who access their social media account from the office computer can open the business to hackers. Practising BYOD (Bring your own device) also adds a security risk. Start-ups should be careful on what information they share online, and have someone in their marketing team to monitor social media activity.
Fake Directory Listing
An old school scamming method wherein faxes were sent to small businesses, asking them to confirm their contact details. In reality, the fine print indicates that they are signing up for an online business directory service for a minimum of $99 a month for two years. The business called itself the “Yellow Page Australia” or “Open Directory”.Small businesses should not refer to URL links in the email to make a background check. They should look if there is a legitimate point of contact other than a website and/or phone number.
Other Scams
Other scams include fake grants and tips on winning tenders. In both schemes, the scammer would ask for a fee or investment upfront, before delivering on their promise. This of course, never happens.As the old lesson goes, if its too good to be true it probably is. In this situation, it pays to be cynical of suppliers offering business opportunities through special offers and limited time only deals. Small businesses should spend time researching the supplier or company behind the offer.
Small businesses should contact the supplier through a different channel, to see if they are legitimate. If they get an email, make a call or find out if there is a physical address and look at the street image in Google.
Small business owners can contact SCAMwatch or GrantsLINK if they were scammed or if they were approached by a scammer.
This article first appeared in Smart Company.
Post a Comment