Business Scams: Don’t Get Caught Out
Criminals don’t just target consumers; they also target businesses. In the first half of 2021, British firms lost £59.2 million to scams, according to UK Finance!
But never fear. The Scambusters expert team – Louise Baxter from the National Trading Standards Scams Team and James Walker from Rightly – are here to help us take control, spot a scam and stop and/or report it.
Under pressure and vulnerable
Fraudsters work hard to try and mislead businesses. They use persuasive sales techniques and false statements to try and make them part with their money.
Criminals can spend many hours researching businesses for their scams, hoping staff will let their guard down for just a moment.
With limited resources and turbulent economic conditions, companies usually prioritise innovation, growth and survival over due diligence, internet controls and risk mitigation. However this leaves them particularly vulnerable to fraud.
Business fraud can come from anywhere: internal staff, customers, suppliers or unconnected third parties.
Scams aimed at businesses
Common business scams include
- Publishing, advertising and directory scams
- Impersonation scams
- Advance-fee fraud
- Investment scams
- Ransomware and tech support scams
Impersonation fraud
There has been an increase in impersonation scams from criminals pretending to be HMRC or Government agencies. Businesses may be contacted by phone, email or post by criminals seeking their business’s financial information or stating a refund is owed.
This is a way of harvesting business details so they can be re targeted for other scams and fraud.
Mandate fraud
In 2019, UK Finance reported that businesses had lost over £82m to invoice/mandate fraud.
A business will receive a request out of the blue to change the bank details of an existing supplier. Alternatively, they will be contacted and supplied with a false invoice for an amount that is under the limit at which authorisation is needed. This makes it more likely to be paid.
Tech Support Scams
With more people working remotely and IT systems under pressure, criminals may impersonate well-known companies and offer to repair devices. A phone call or email may offer to fix an issue such as a slow connection or software problem. A business may be asked to make an advance payment, share login details or download software.
Criminals are trying to gain access to the computers or get passwords and login details. The caller will try to instil a sense of panic and demand payments to fix issues that don’t exist.
If you are in business, remember…
- Be cautious of unexpected, urgent requests for payment by text. Criminals can spoof phone numbers of senior members of staff, making it look legitimate.
- If you receive a request to make an urgent payment or change supplier bank details, take a moment to stop and think.
- Never install any software, or grant remote access to your computer, as the result of a cold call.
- Genuine companies would never contact you out of the blue and ask for financial information, passwords or login details.
- Follow internal procedures for approving new payments. Be suspicious of requests to deviate from this.
- Taking a moment to stop and think before parting with your money or information could keep you safe.
How do I train my staff to be vigilant?
Protect your business today by joining Businesses Against Scams. You will then be able access free materials to train your staff on what to look out for.
Tips of the week
- If you think that your company has been scammed, then you should report it to the bank as soon as the discovery has been made. They may be able to stop the payment.
- Report it to Action Fraud on 0300 123 2040 or via actionfraud.police.uk. If you are in Scotland, then please report to Police Scotland directly by calling 101 or Advice Direct Scotland on 0808 164 6000.
- STOP others being a cybercrime victim by reporting scams and suspicious emails. Forward the scam email to report@phishing.gov.uk. Use Rightly to stop fraudsters sharing your data exposing you to scams.