Move over Mr. Robot: here are two new business scams to watch out for

WP Logo

(This post originally appeared on The Washington Post)

You work hard for your money. So do your employees. But some people don’t care. They just want to steal it – and they keep coming up with devious scams to do that. Here are two new relatively new ones that you and your employees should know about it.

The Yes Scam

The goal of this one is to get you to sign up for services you don’t want. How? Just by saying yes.

According to The American Genius, this is when an automated system or telemarketer calls your business and asks you a yes or no question, like “can you hear me?”  If you answer yes to that question, you’ve got a problem. The people behind the scam will then make a duplicate recording of that one “yes” that you said and then use it again and again as your approval for other products and services they’re selling–like a cruise or security system you never ordered. When you try to dispute the claims you’re then exposed to potential costly (and annoying) legal action.

What to do? Be wary of robocalls. Try not to say “yes” to any questions, instead responding with “I can hear you.” Consider screening apps for your smartphone and office phone system that blocks calls with no caller ID (although unfortunately that could also block potential customers too).

“Remember the phone safety rules you learned as a kid,” writes Lindsay Huber. “Don’t talk to strangers, don’t give out personal information, and if all else fails, say your mom is definitely home, she’s just in the bathroom.”

The CEO Scam

According to an article in early January by Ellen Vessels, also at The American Genius, this scam is “hitting businesses hard.” Here’s how it works:

With a little research online (and a little hacking), the thief can likely figure out which employees do fund transfers as part of their jobs for your company. A targeted employee at your company then gets an email that she thinks is from you. She thinks that because the scammer has figured out your email address and created a similar one with maybe one character changed in the website so any replies will go to a completely different website than your company’s. The thief, who’s impersonating you the business owner, then instructs the employee to transfer funds to his account. OK, it’s not super technical. But it doesn’t have to be.

How big a problem is this? Big and getting bigger. Since January 2015, the FBI has reported a 270 percent increase in this kind of scam with companies losing an average of $25,000 to $75,000. The fraud has occurred in all 50 states and more than 70 countries and has scammed more than $2.3 billion from businesses.

How to protect yourself?  Make sure your employees are aware of this kind of scam and that they double check domain names and email addresses before completing funds transfers. The American Genius piece also passes on an FBI recommendation to implement a two-step authentication process for large transactions, requiring approval by both email and phone.

Seems like some people just can’t make an honest living. But that shouldn’t mean you help them.

Advertisements

Tags: , , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: