Business Frauds and Scams – Beware and Protect Your Business 

Business Frauds and Scams – Beware and Protect Your Business 

rebuild your worth, book a free consultation todayBook Now


By Taz Rajan | Reading time: 4 minutes, 31 seconds | 904 words

As a business owner you work hard to serve your clients, take care of your employees, grow your brand, and keep your business afloat financially.  There are many threats to your business including the competition, the economy and even various types of fraud that target businesses.   

What are five common business scams? 

1.Business executive scam (also known as the business email compromise): Here, an employee authorized to make wire transfers receives an email that looks like it came from an executive in the company. (In some cases, the CEO or CFO’s email address will have been mimicked; in other cases, the executive’s actual email will have been compromised.) The message will often say the executive is working off-site and has identified an outstanding payment that needs to be paid right away. The executive provides a name and a bank account where the funds—usually a very large amount— are to be sent. Losses typically exceed $100,000.00. This scam is similar to Phishing schemes.  

Phishing schemes 

Phishing emails appear to be from a legitimate sender, but they’re actually from a scammer, and designed to capture valuable data like bank information, passwords, or credit card numbers. You may receive a message, supposedly from your bank, claiming that your online account has been compromised, or from CRA saying you’re being audited. Clicking on the link inside the email takes you to a website that is often an exact copy of the legitimate site, where you enter information allowing the scammer to steal from you. Make sure your firewalls and anti-virus software are up to date, and if you receive an email asking for confidential information, instead of clicking on a link or opening an attachment, call the sender directly (to a phone number you know is correct) to verify the legitimacy of the email. 

Like individuals, businesses can be targeted by spear phishing. Typically, someone within the business receives a spoofed request that appears to come from a known sender such as a boss, co-worker, or client. The email asks them to buy prepaid gift cards, such as iTunes, Google, Amazon, etc., and email the prepaid card numbers back to the sender. In other instances, the fraudsters may request them to send money via e-transfer. 

  

2. Supplier swindle: This scam targets businesses that have existing relationships and accounts with suppliers, wholesalers or contractors. Claiming to represent their regular supplier or existing contractor, the fraudster sends a spoofed email informing the business of a change in payment arrangements. The email notice provides new banking details and requests that future payments be made to this new account.  

A second way this scam works is when you are the supplier or retailer, particularly online.  

 Typically, the scammer contacts the seller, retailer, or online merchant to buy their product or service. The scammer will then make payment to the seller’s account using compromised credit cards or fraudulent financial instruments.  

 

3.Card Not Present (CNP): this involves the unauthorized and/or fraudulent gathering, trade and use of payment data (card numbers, expiry dates and passwords). True to its name, this scam occurs in cases where the card and cardholder are not present during a transaction.  A fraudster places an order for a product or service by phone, email, fax, or through the vendor’s website, intending to make the payment using a stolen or compromised payment card. The merchant, thinking this is a legitimate purchase, processes the payment on the stolen payment card(s) and delivers the product(s) or provides the service(s). Eventually the real cardholder finds out about the charge and disputes it. The merchant receives a chargeback and is responsible for paying back the amount charged on the stolen card. 

In another version of CNP, the scammers use stolen credit cards to purchase tickets for entertainment or travel from targeted merchants. They then resell the tickets for a cheaper price on classified ad sites and/or social media. In cases like this, the merchant is not the only victim: so is the person who buys the tickets being resold. In most cases, they won’t be able to use the tickets because the merchant cancels them once fraud is confirmed. The travel industry was hard hit by this scam for a long time.  

 

4. Purchase-order scams: In this variation, scammers posing as legitimate organizations such as hospitals or universities acquire products by setting up accounts with suppliers. They then make purchases using fake purchase orders, which are never paid. 

 

5. Directory scams: Con artists may call claiming they want to update your company's information in an online or printed directory. The call seems innocent enough, but what they're actually doing is getting your okay to be billed for a listing in the directory. After you receive a hefty bill, you may find out that the directory doesn’t exist, or that the scammers only print enough copies to give out to the people listed in it. Again, education is the key. Tell anyone who may answer the phone about this scheme. 

Knowledge paired with action is power.  For tips on how to protect your business from these scams and fraud, be sure to check out our How to Protect Your Business from Fraud blog. 

By Taz Rajan Community Engagement Partner at Bromwich+Smith 

Taz has been in the finance industry for nearly two decades and has always been passionate about education and empowerment.  Having declared bankruptcy herself, she intimately understands the shame, stigma surrounding matters of debt as well as the joy and relief that comes from restructuring. Taz actively works to normalize the conversation of debt through blogs, media interviews, webinars, lunch & learns and through building relationships. 

Add new comment

*

Plain text

  • No HTML tags allowed.
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.
  • Lazy-loading is enabled for both <img> and <iframe> tags. If you want certain elements skip lazy-loading, add no-lazy class name.