Skip to main content
  1. Home
  2. Online Security
  3. Business Security News
  4. Top 10 Scams Targeting Small Businesses

Top 10 Scams Targeting Small Businesses

Regardless of location, size, or industry, scams can impact every business.  Making small businesses and start-ups more vulnerable is the lack of cybersecurity support or established accounting processes of large companies. 

Knowledge is the best protection.  Stay informed about common scams and report them if your business is targeted. 

Here are the top 10 Small Business Scams:

  1. Business Email Compromise: Business email compromise, also known as BEC, fraud is an email phishing scam that targets those within a business, government, or nonprofit organization who pay the bills. This type of scam has resulted in more losses than any other type of fraud within the United States. In BEC fraud, the scammer poses as a vendor or other trusted source.  The scammer then emails the accountant or chief financial officer, asking them to wire money, buy gift cards, or send personal information for a plausible reason.  If money is sent, it goes to an account controlled by the scammer.
  1. Phony Invoices: This scam consists of fake invoices demanding payment for products or services never ordered or received. These scams commonly involve office supplies, website or domain hosting services, and directory listings.  These can be identified most times by seeing fine print that identifies the bill as a solicitation – it is generally small enough to not initially raise a red flag, leading the business to pay for a service it did not receive.
  1. Directory Scams: Con artists will attempt to trick businesses into paying for a listing or ad space in a non-existent directory. This scam occurs in two ways: the scammer will lie about being a legitimate directory or the directory may exist but will not be distributed to potential customers.  Either way, the business is billed for listing services they didn’t agree to or ads that were never placed.  This scam has plagued businesses for decades.
  1. Stolen Identity: Scammers will steal the identity of a business by setting up a fake website(s) to “hijack” a legitimate company name and address to trick customers. This scam also involves brand hijacking – the blatant copying and misuse of company logos and website content to impersonate a business and deceive unsuspecting visitors.  The hijacked company doesn’t necessarily lose money; however, the reputational currency is tarnished when angry customers think the actual company is responsible for ripping them off.
  1. Charity Pitches: Every year, small businesses become victims of fraudulent or deceptive charitable solicitation schemes. Research charities and learn more about giving tips at Give.org.
  1. Phishing Scams: These scams often appear to be legitimate emails or text messages. When the link within is selected, a virus downloads personal information or loads a form that asks for bank account or credit card details.  Be wary of unsolicited messages and do not click on links. 
  1. Office Supply Scams: Businesses will receive an unexpected telephone call from someone claiming to represent a reputable company with which the firm often does business. Scammers will even call in advance to find out what brand of supplies or equipment the business uses.  The scammer will try to sell the business surplus merchandise at a reduced price due to over-order or cancellation when the supplies or merchandise do not exist.
  1. Coupon Books: Businesses are approached to offer discounts or extras in coupon books sold by promoters to consumers. Problems occur if the promoter changes the terms of the coupons, oversells the books, or distributes the books outside the normal business area.  Ensure a trustworthy source promotes the coupon book where the terms and conditions are clearly defined.
  1. Vanity Award Scams: The scammer will typically target business owners through email campaigns by congratulating them on their selection as a reward recipient. The email invites the owner to click a link for further details on how to claim the prize.  However, the “honor” involves the business owner paying a several-hundred dollar fee to claim their “award.”  Always research the organization offering the “award.”
  1. Overpayment Scams: This scam occurs when the scammer sends a check payment for more than is due to your business, requesting that the overpayment be wired back to them. The “check” is fake, either because the account it is written off of is closed, overdrawn, or never existed. The small business loses the money for the payment, any bank fees, and what was wired to the scammer.

Tips to Avoid Scams

  • Keep good records and documentation of all orders and purchases to help detect fake accounts and invoices.
  • Be extra careful with payment procedures. Establish payment authorization procedures, including multi-person approval processes for transactions above a certain dollar threshold.
  • Avoid some payment methods when possible. Wire transfers, pre-paid debit cards, and gift cards are scammer’s preferred methods of payment.  Confirm any request for payment with these untraceable methods with an authorized source.  Create a paper trail with written payment methods.
  • Double-check vendors. Ensure the billing business is one you’re familiar with and usually do business with.  Get the name of the person you speak with, the company name, address, phone number, and website when verifying a vendor.
  • Be careful what information you share. Do not volunteer information about your business unless you know what the information will be used for.  Never provide personal information or financial details to someone you don’t know.
  • Protect your devices. Install proper computer protection software and a firewall.  Do not select links within unsolicited emails as they could spread malicious software or viruses.
  • Spread the word. Inform your employees and colleagues of current scams so they can recognize and question them.