How Businesses Can Fight Scams
Businesses are a high priority target for scammers, so it's important that everyone in the organization know how to recognize and respond to common scams.
If your business's computers are held hostage by a scammer demanding ransom or if your business loses funds to a scammer, report the scam immediately to the FBI.
Utility Shut Off Scams
A caller posing as a utility employee warns that if a past-due payment isn’t made immediately, the utility will shut off the business’s power or water within hours.
Scam shut off calls usually come late in the day, often just before a weekend or holiday. The threat of losing power – and sales – is enough to scare some owners or employees into sending a payment, even if they aren’t sure they owe.
Utilities don't call with shutoff threats –and they don't do shutoffs at night or on weekends. If in doubt, use the number on your utility bill to verify the status of your account.
Distraint Warrants and Other Scam Tax Demands
These mail scams target businesses with demands or "distraint warrants" for unpaid taxes. One version threatens business owners with seizure of their wages, bank accounts or Social Security benefits. The letters often reference Cuyahoga County offices that don't exist –for example, “Cuyahoga County Tax Assessment Securities” or the “Cuyahoga County Tax Processing Unit.” Do not call the phone numbers listed in these letters.
Do not make payments in response to the letters. Remember that government agencies will never ask you to pay using money wires, bitcoin or gift cards.
If you're unsure about your tax status, contact the Cuyahoga County Treasurer at 216-443-7420.
Business Email Compromise (BEC) and Phishing Scams
These scams happen when hackers gain access to a business's email system and target people who send or approve payments. The scammer poses as a high-level employee and tries to direct or reroute a payment.
Warn employees to verify orders to send or to change payment info by phone. If your email is compromised, a verification request sent by email will be answered by the scammer.
A similar scam – called phishing – occurs when someone mimicking a high-level manager asks an employee to arrange an unexpected payment or to send sensitive employee or customer data via email.
Train employees to hover over emails to detect imposters and to verify all requests by phone.
Scam Orders
Scammers place large (commercial) orders for merchandise and then either pay with counterfeit checks or ask for invoices or store financing that they don't pay. Typically, they ask businesses to send large orders before the payment is verified and may insist your business pay shipping charges on the order –so the business winds up losing both merchandise and money.
Scammers may use the names of known institutions (for example, a university in another state) or claim to be arranging a purchase remotely from outside the country.
Warn employees to alert management to any large order where the buyer is asking for unusual payment or shipping arrangements. Government agencies and universities would not normally finance payments through a store.
Look for mismatches in information, such as someone claiming to place a commercial order for a large corporation but using a free email service like yahoo or gmail.
Additional Resources
National Cyber Security Alliance
Find free, easy-to-use resources for protecting your business from the National Cyber Security Alliance.