Is Your Business Doing Enough to Stay a Step Ahead of Scammers?

Business environments are competitive enough without unwelcomed interference from scammers. Unfortunately for entrepreneurs, wherever legitimate profits are made, the criminal element tries to ride the wave of good fortune, running scams to get a piece of the pie.

Advancing technology, criminal innovation, and greed, all work against you, making it harder than ever to defend your small business from opportunists, willing to exploit your venture for illegitimate gains. In modern terms, two of the biggest threats to commercial security are data breaches and fraud, launched by sophisticated organizations, targeting credit card information, customer data, security codes, PIN numbers, and other sensitive information.

Data breaches are disastrous for everyone involved, from your unsuspecting customers to staff members working to pick up the pieces following a data scam. Anyone who has become a victim of criminal schemes knows recovery is an uphill battle. Are you doing enough to protect your small business from modern scams?

Scams of All Sorts

One of the challenges facing small business security professionals is the sheer number of scams regularly perpetrated upon small businesses. Before adequate defenses are built against one type of threat, another villain arises, requiring immediate attention.

If you thought big businesses are the only scam victims, think again. According to information from the Association of Certified Fraud Examiners, small businesses lose much more money to fraudsters each year than their big business counterparts. Concerns about data protection are no longer reserved for big companies; small businesses are vulnerable, too. While data breaches are expensive for large-scale victims, small ventures don’t have deep pockets to recover from data fraud, so the crimes’ impacts resonate with organizations of all sizes.

Among the popular rackets now gaining momentum, tech support scams are on the rise. The fraud uses phony concern for data protection to gain confidence with would-be victims. A recent article highlighted some of the ways scammers gain access and strategies you can use to stop them in their tracks.

• Links and Ads – Clever scammers present ads for their “services” using Google and other search engines to recruit victims. The ads look just like others offering genuine goods and services, so it’s easy to fall for the ruse. The best way to protect yourself in this case is to vet companies before clicking on ads and links – particularly unsolicited offers – and to do business only with organizations you trust.
• Phone Solicitations – With tech targets rising, it’s natural to assume your vulnerabilities are online or within computer networks. Though high-tech scams are common, criminals also turn to yesterday’s technology to carry-off scams. Phone schemes start with a phone call, claiming trusted status and asking for further information, needed to protect you from threats. In many cases, callers recommend updates or repairs to your system, requiring security codes and/or passwords to access your computer. The opportunistic criminals may also ask for personal information and access to online services, in order to conduct “diagnostic tests” and “virus scans.” Of course their support services are bogus; all the callers want is to profit from whatever sensitive information they can extract by phone. To beat them at their own game, hang up first, and then dial a reputable provider to protect you from similar scams.
• Pop-Up Error Messages – Pop-up windows that don’t seem to make sense may indeed by criminals appealing to your security sensibilities. Warning of false viruses or problems with your computer, the messages may actually install malicious software or direct you into scammers’ hands with phone numbers. Under scrutiny, you may be able to identify illegitimate error messages, because they are often poorly laid out and may contain bad grammar and other errors. It might be possible to close the message boxes yourself, but if they are persistent, repeatedly reappearing, you may have to contract a professional to rid your machine or network of viruses.
• Emails – Like other access points, scammers use email accounts to trick recipients into unknowingly participating in criminal schemes. The fraudsters fool users with trusted logos and appeal to victims by masquerading as legitimate, well-known companies. Despite warnings against opening unfamiliar emails, the tactic often works in commercial environments, where multiple computers are connected, unmonitored, and used by a number of individuals. To stay a step ahead of email fraud, advise staff to study emails carefully, vetting both the senders name and domain. And to look for obvious signs of fakes such as spelling errors and other red flags.

Is it Too Late?

Security breaches are increasingly common in the workplace, so you may one day be touched firsthand by the problem. When you do fall victim to a tech support scam, swift action helps mitigate damage caused by the breach.

• If your company credit information is in the hands of scammers or you’ve already made a payment, contact your financial institution to reverse charges or freeze your credit card.
• If you believe you’ve encountered malware, immediately assess security across your entire network of devices. Run scans to ensure malware’s removed and the network is secure.
• If you’ve granted someone access to your computer, only to find you’re a scam victim, disconnect from the internet and consult your service provider.
• If an installed application is found to be malicious, uninstall it and rely on trusted security software and IT professionals to ensure your system is clean.

In addition to the reactive measure listed above, the mediafeed.org article also recommends regularly changing your passwords, particularly after exposure to potential risks, as another defense against business scam threats.

Staying a step ahead of scammers has become a full-time job for businesses of all sizes. Recent tech support scams appeal to business owners’ desire for better security, only to exploit well-meaning owner/operators striving to do the right thing. To avoid falling victim to scam artists, provide staff support outlining safe practices, and be on the lookout for phony tech support teams running rackets on unsuspecting entrepreneurs.