Join Fund Library now and get free access to personalized features to help you manage your investments.

How fraudsters target businesses

Published on 03-10-2021

Share This Article

Common scams and swindles and how to protect yourself

 

March is fraud prevention month, and the bad guys have been busy. The Canadian Anti-Fraud Centre reports that in January this year, more than $10 million has been lost to fraud, while scammers racked up theft of over $106 million in 2020 – and that’s just the amount that was reported in 68,000 cases. Much of that is taken from unsuspecting business owners, managers, and executives. Here’s a look at the most common scams targeting businesses, with some tips on how to protect yourself.

Invoice scams and swindles

One of the most common frauds perpetrated against business owners is a fake invoice for supplies or services that were never delivered. Often, the invoice contains a fine print that identifies the bill as a solicitation. Generally, the amount is small enough to not initially raise a red flag.

Scammers are very diligent in their research of targets, searching out existing business relationships (much of this is already in the public domain through social media sites). The business owner or manager or employee will get a spoofed email that looks like it comes from a trusted source, asking for payment or a change to banking information or for other confidential data, such as passwords and banking login information.

It’s called spear-phishing, and it is one of the most commonly used cyber attacks now in use. The CAFC lists these six warning signs that an email may be a fraud attack on your business:

The CRA/bank threat scam

This particular con never seems to go out of fashion. And plenty of smaller business fall for it every year. Usually it takes the form of a telephone call directly to the business owner or key employee. Typically a voice recording claims to be an “agent” of either the Canada Revenue Agency or Service Canada. The recording claims that you owe back taxes, or that you are under investigation, or that you have committed a tax fraud of some sort. It’s accompanied with a threat that if you do not respond to the call or give the information requested (often banking or social insurance number), legal action will be taken against you, including arrest and seizure of assets. Immediate payment is demanded through some money transfer business, pre‐paid cards/gift cards, or cryptocurrency.

A similar scam is a message that claims to be from your bank or credit card company, stating that your account has been compromised in some way and asking for confidential personal information to “re-set” your accounts.

It’s a jaw-droppingly ridiculous scam, because no government department or agency, or indeed any financial institution or reputable business will ever call, email, or text message you with threats or demands for information or payment of any kind.

If you receive such calls, simply hang up without engaging. You may report the call to the CAFC or to your financial institution.

Social media scams

Fraudsters are increasingly using a new type of social engineering scam involving fake social media accounts. These often appear to be from municipal government officials stating that the small-business owner, manager, or executive is qualified to receive Covid-19 relief payments. As is usual with this category of scam, the target is asked to link to an official looking “log-in” page that requests confidential information or demands that a “deposit” payment be sent in advance with pre-paid gift cards before the relief funds are released.

Again, it’s an audacious scam, as no government agency at any level will ever reach out to any business or individual to offer funds of any kind. Much less demand a “good faith deposit” in the form of gift cards. Never respond to these, and instead forward the email to the CAFC.

Protect yourself and your business

The Better Business Bureau advises that the first line of defense against fraud is to keep clear records of purchases and invoices to help guard against bogus accounts and invoices. In addition, establish proper payment procedures, including multi-person approval for larger transactions. And avoid wire transfer and pre-paid card transactions altogether.

Maintain robust IT security, including firewall, malware, and anti-virus protection. And never click on links in unsolicited, unexpected, or suspicious emails or text messages.

Robyn Thompson, CFP, CIM, FCSI, is the founder of Castlemark Wealth Management, a boutique financial advisory firm specializing in wealth management for high net worth individuals and families. Contact her directly by phone at 416-828-7159, or by email at rthompson@castlemarkwealth.com for a confidential planning consultation.

Notes and Disclaimer

© 2021 by the Fund Library. All rights reserved. Reproduction in whole or in part by any means without prior written permission is prohibited.

The foregoing is for general information purposes only and is the opinion of the writer. Securities mentioned are illustrative only and carry risk of loss. No guarantee of investment performance is made or implied. It is not intended to provide specific personalized advice including, without limitation, investment, financial, legal, accounting or tax advice. Please contact the author to discuss your particular circumstances.

Join Fund Library now and get free access to personalized features to help you manage your investments.