According to the Nasdaq’s Global Financial Crime Report, an estimated $3.1 trillion in illicit funds flowed through the global financial system in 2023. Fraud scams and bank fraud schemes totaled $485.6 billion in projected losses globally. Given the increasing sophistication of fraudsters and the severe implications, we will discuss common scams and steps you can take to protect your business.

The Federal Trade Commission (FTC) works to help small businesses avoid scams, protect their computers and networks, and keep their customers’ data safe. The FTC lists common scams that target small businesses:

Fake Invoices and Unordered Merchandise: Scammers create phony invoices that look like you ordered products or services for your business. They hope the person who pays your bills will assume the invoices are real and make the payment. Except it’s all fake. Or a scammer might call, claiming they want to “confirm” an existing order, “verify” an address, or offer a “free” catalog or sample. If you say yes to any of those, unordered merchandise will arrive at your doorstep — followed by high-pressure demands to pay for it.

Social Engineering, Phishing, and Ransomware: If they aren’t careful, employees can be tricked into sending money, confidential information, or sensitive information like passwords or bank information to scammers. It often starts with a phishing email, social media contact, or a call that seems to come from a trusted source — for example, a supervisor or other senior employee — that creates urgency or fear. Other emails may look like routine password update requests or other automated messages but are actually attempts to steal your information. Scammers can also use malware to lock organizations’ files and hold them for ransom.

Fake Check Scams: Some scammers give you what seems like a plausible reason to overpay you with a check. Once accepted, they’ll ask you to send the extra money back to them or to someone else. But the check will be fake, even though it might show up as “cleared” in your account. By the time the bank discovers the check was bad, the scammer already has the money you sent them. You’ll be stuck repaying the bank.

Protection Tips:

• Train your employees not to send passwords or sensitive information by email, even if the email seems to come from a manager or co-worker.
• Never respond to suspicious emails, open attachments, or click on hyperlinks embedded in them. Check the sender’s email address to note any irregularities by hovering the mouse over it or using the drop-down button.
• Verify invoices and payments and implement dual approval for certain types of payments; this can introduce a pause and validation process before sending funds. If someone demands that you pay with a wire transfer, cryptocurrency, or gift card, don’t pay, it’s likely a scam.
• Before doing business with a new company, search the company’s name online with the term “scam” or “complaint.” Read what others are saying about that company. Ask people you trust for recommendations. 
• If you suspect you’ve been targeted by a scam, report it to the appropriate department within your organization. This helps track scams and potentially prevent others from falling victim.

When scammers go after your business, it can hurt your bottom line and reputation. By following these steps and fostering a culture of awareness within your business, you can significantly reduce the risk of financial scams.