From credit card fraudsters to phony bill demands, scammers aim for 28 million small businesses: Internet Scambusters #611
With another half dozen tricks to look out for, we're updating our previous issues dealing with small business scams this week.
We'll tell you how America's 28 million small firms face credit card con tricks, phony orders, instant payment demands and more.
And even if you're not in business, we've also got some new guidance about the increasingly common, bogus Microsoft tech support call in our Alert of the Week.
Now, here we go...
New Tricks Target Small Businesses
Small businesses are a fantastic target for scammers.
Owners and employees are often too busy to check things out carefully, sometimes inexperienced in the world of commerce, and there's a lot for crooks to go after -- 28 million small firms at the last count.
So, if you own one, run one or know somebody who does, here's a quick checklist of the latest small business scams currently doing the rounds.
Credit Card Processing Scams
Sooner or later, many small businesses find they need to be able to accept credit card payments, which means signing up for a processing service.
There are three scams to look out for here.
- Card fraud. Is someone trying to pay you with a stolen card?You can't always catch them but if you make sure you follow your card issuer's verification procedures you'll substantially reduce the risk -- and you may not be liable if the card turns out to be stolen.
- Bogus processing services. Small businesses are frequently pestered by telesales reps offering card processing services.Some of these are bogus or unlicensed companies that will try to sign you up and then charge exorbitant fees -- or simply take your money.If you need a processor, choose a reputable one. If you don't know one, talk to your bank.
- Equipment hijack. If you use a point of sale (POS) card swiping device, beware of calls supposedly from the POS supplier, your card processor or issuer saying their engineer needs to modify your equipment.What they might really be doing is hijacking the device by installing an additional piece of hardware that will steal card numbers.
If you receive a call like this, take the caller's details and say you'll call back. Then independently check with the appropriate company.
For more information on card processing scams, check this alert from the New York Retail Council:
Beware of Credit Card Processing Scams!
Scammers don't just try to steal the identity of individuals; they also target entire companies.
What they're after are names and job titles of key people who they can use either for fraudulent activity or to subsequently contact directly by pretending to know them.
They may also want confidential information like bank account details and other financial data.
How do they get this info?
Increasingly, they may try to hack computer systems but they'll also try to get the information they want by phoning or emailing, posing as officials of a state department, and saying the information is needed for legal compliance.
Action: You probably can't make yourself hack-proof, but good firewall and anti-virus software, a strong password policy and limits on who has access to your systems, together represent some protection.
As for information requests, don't give information, or allow employees to give it, to someone you don't know. Always carefully check callers' credentials first.
Impaired Hearing Ruse
Telephone services for people with hearing impairment are sometimes used by scammers as a way of hiding their identity as well as making their call seem more genuine.
The scam exploits the Text Telephone or TTY service that people with hearing difficulties use by typing in their requests, which are then relayed to recipients by a specialist phone operator.
The operator is not allowed to say where the call originated and, of course, inadvertently conceals a foreign accent or other signs that might arouse your suspicions.
The service is used by scammers to place a bogus order, which usually turns out to be an advance payment scam in which victims get a fake check from which they have to wire a substantial balance to a third party.
Action: If you get an order followed by an advance check like this, with a request to wire part to someone else, it's a scam. Period.
Paying for Non-Existent Orders
A scam that targets gas station and convenience store clerks is built on claims that the owner of the business has placed an order, which the clerk needs to pay for from the register.
The scammer arrives with an invoice and a key that he says is to a warehouse where the owner asked him to make the delivery.
He may claim the key belongs to the owner and that he (the scammer) is returning it subject to payment of the invoice.
Action: This scam has already hit several states and is likely to spread further. Make sure your employees know to call you before making any kind of payment -- or ban such payments altogether.
Pay Now Demands
Several scams aim to steal money from businesses by asking for instant payment for problem or unpaid bills. For example:
- Non-payment of utility bills. This is the same trick that targets individuals -- a telephone demand for immediate payment of a supposedly past-due utility bill by check or credit card.
- Liquor license scam. Restaurants and bars receive calls saying there's a problem with their liquor license fees and, again, requesting immediate payment by credit card.
Action: In most cases, a genuine payment request normally comes by mail, not a phone call.
Even if you do get a call, it would be to alert you to an issue rather than request instant payment.
Simply don't pay a caller in these circumstances; check with the company or licensing department independently.
Anyone running a small business knows how tough it already is, without also having to deal with scammers, and this latest list is by no means exhaustive.
Be on the lookout for other tricks that you'll find in some of our earlier issues.
Be alert and protect your small business from the crooks
Alert of the Week: No, that call you received about a computer fault was not from Microsoft or anyone associated with them. It was a crook trying to set up remote access to your PC.
No matter what he says, they haven't just spotted a problem and they don't need to do any kind of an update.
That's it for today -- we hope you enjoy your week!