Scams impacting small businesses are on the rise. According to a 2023 survey by the National Small Business Association, 59% of small businesses reported being victims of a scam in the past year, up from 48% in 2022. Scams are a serious threat to small businesses, as they can damage their reputation, finances, and operations. Scammers use various tactics to trick businesses into paying money, sharing sensitive information, or downloading malware. We have outlined some common scam tactics and suggestions to help your business prepare and defend themselves.
Here are some of the most common scams that impact small businesses:
- Phishing emails: Scammers send emails that appear to be from legitimate companies. These emails contain links that, when clicked, install malware on the victim’s computer or steal personal information.
- Fake invoices: Scammers send invoices that appear to be from legitimate vendors or companies. These invoices may include products that look legitimate but are not actually ones you purchase from the vendor, or may be legitimate-looking products but with inflated pricing.
- Impersonating businesses or government officials: Scammers call or email posing as government officials or as legitimate businesses. They may threaten to shut down the business or impose fines if the business owner does not pay a fee or provide personal information.
- Prepayment scams: Scammers may offer goods or services at a discounted price, but require full or partial payment upfront. The scammers then disappear without delivering the goods or services.
Preparation can be a good defense to protect your business from scams. Here are some ways that may help prepare your business:
- Train and prepare. Make sure to outline what you think makes your business susceptible, and then what would be necessary to protect your business. Employees are a helpful first line of defense, so educate them on your identified risks and how they can help in their role. This may include suggestions on what is shared across social media platforms or your website, password rules, rules on software updates, or training on how to help employees recognize a scam.
- Create a master list of all of your vendors and suppliers. This list should include contact information, including names and phone numbers, as well as the products or services that they provide to your business. Compiling and sharing a master list makes sure the right employees know and can help in case something out of the ordinary occurs.
- Develop a process for verifying the identity of vendors and suppliers before signing agreements or making any payments, especially for first-time vendors. Vendors may change the way they accept payments, but it’s always best to first double-check any change in payment delivery. For new vendors, this process may include checking references and verifying their business licenses.
- Monitor your financial accounts for suspicious activity. In your busiest months you may not have time to check statements by line, but reviewing account statements regularly you may catch unauthorized transactions and be able to report them faster.
- Develop a communication plan. How will you communicate with your customers, employees, and partners if your business is unfortunately the victim of a scam? Outlining roles and responsibilities within the business is key so everyone can contribute successfully. Your communication plan should also include steps on how to report the incident to the authorities, if necessary, and a list of which customers or partners need to be contacted and letter or email templates outlining what you are prepared to communicate to them.