The holiday season is nearly upon us, and as many prepare themselves for festivities and online shopping, cyber thieves are quietly plotting how to rip us off. Businesses beware, tis the season to be scammed
Hijacking is one scheme used for online scamming that con artists pull on unsuspecting businesses.
With fall and winter holidays coming up and more sales coming through, you can bet online scammers are amping up their game looking for vulnerable businesses to con.
The Better Business Bureau highlights the most recent scams going around – hijacking, phishing and scams involving the Yellow Pages and local authorities are the most recent trending scams.
A common scenario is a supply scam, according to the Kentucky Attorney General. This often plays out as a call from a supplier you are not familiar with. If they try to sell you a “surplus at a discount price” or claim you have a large order that you never made, chances are your business has been hijacked, according to the Better Business Bureau.
A con artist will contact a supplier, put in an order using your business name and other information but has a different shipping address, so if a supplier doesn’t check up to verify who ordered, thousands of dollars’ worth of supplies may be headed to a destination other than yours and you’ll be stuck with the bill.
Another hijacking scheme is creating fake websites. Scammers will use your business’ URL and existing site making them seem legitimate, or hack into your business website and create fake online forms in which they can receive sensitive information from your customers and clients without them, or you, knowing it’s a scam.
Online hijackers could even redirect your Web traffic to other sites that sell bogus items if your network isn’t protected well.
One of the trendier terms in online scamming is “phishing,” which come in many forms. Phishing is when con artists impersonate other companies or organizations, looking to extract any personal information about you or your business that could be used for identity theft.
There are many forms of phishing, however, email phishing is the most common.
Often businesses will receive fraudulent emails from so-called legitimate companies – often they claim to be a bank or retailer – asking you for sensitive information, such as your credit card number or Social Security number, to unlock a certain account or to provide better protection from – get this – online scammers.
Phishing is serious enough that state governments have issued warnings to businesses, often at length. Minnesota Attorney General Lori Swanson spells out phishing quite extensively on her state website, pointing out a variety of phishing scams, such as website phishing (websites that look like familiar business websites), phony government email phishing, and terms like “vishing” and “smishing” that are scams used over a telephone or SMS.
Particularly aimed at small businesses, this telephone scam involves a person calling you claiming to be a website that would like to include updated information on your business. Once you’ve given that information, he or she asks you to repeat it to confirm the information. Unknown to you, the scammer records you.
Weeks later, you receive an invoice with a whopping charge on it for an ad from the Yellow Pages online directory that you never signed up for. The trick here is when you call to complain, you get “proof” that you signed up for it, as the scammer plays back an altered recording of you that makes it sound like you ordered an ad for the listing.
Another over-the-phone scam small businesses need to be aware of are ones where scammers pretend to be local authorities informing you that there is a warrant out for your arrest or a pending fine you need to pay immediately.
The reason why many small business owners fall for this trick is that the scammer have used a computer program to cloak the caller ID number, changing it to show it’s from the “sheriff’s office” or “state police post,” a trick called “spoofing.”
The scammers say the only way to avoid any criminal charges is by sending money, either by money order or a pre-paid debit card.
– Equip your business with anti-phishing devices and software. The first line of defense is knowledge of possible scams. The next step is making it more difficult for scammers to burn you and your business.
– For Dummies points out that even though you have anti-phishing devices or software installed, it’s still a good idea to close your Wi-Fi and Bluetooth connections when not in use.
– If your business receives a call from “the Yellow Pages,” NFIB suggests to request additional information from the caller, find out how, where and how often the publication is distributed, and to check with your local Yellow Pages publisher to be sure the person you talked to was legitimate.
– Minnesota Attorney General Lori Swanson reminds business owners that there is no federal law requiring you to register any financial information with the federal government (such as the IRS or FDIC). This is a form of phony government e-mail phishing.
If the “police” come calling, the Better Business Bureau advises to never wire money over the phone. It is best to just hang up before delving out any other information. Be sure to contact the real police and report the incident.