Fraud Protection for Small and Medium Sized Businesses

With more small to medium sized businesses embracing internet services for their operations, fraud attempts from hackers are reaching all time highs. Although small businesses are used to getting spammy calls for their business, many of them are unable to decipher fraudulent emails from hackers. The Association of Certified Fraud Examiners reported that U.S. businesses lose an average of 5% of their gross revenues to fraud.  IT companies are reporting that their clients are falling victim to fraud and are losing up to $15,000. For a small to medium size business in today’s economy, this can stop business operations or even close the business down for good. Businesses need to be aware of the different types of fraud that are occurring and how to spot and defend their business from falling victim.

Some popular types of fraud include:

Check fraud: Check fraud is one of the most popular forms of fraud for small businesses. A customer or someone posing as a customer may send duplicate checks to different departments. For example, they will send a check to the employee they primarily work with and another one to accounts payable. Both of these checks end up getting paid without anyone taking notice. This may seem small but it can quickly add up to thousands of dollars if not tens of thousands over the course of a few years. 

Check fraud can also occur when a “customer” claims they were overcharged on a check and wants the business to refund the balance. Since businesses don’t want to overcharge their clients, they often refund the difference quickly. By the time this is figured out, the hacker will get away and the bank can’t do anything. 

 

Invoice fraud: Invoice fraud is another popular fraud method. In invoice fraud, a scammer contacts the business masquerading as a vendor. They will claim that the banking information has changed and they want to ensure everything is correct to ensure no business disruptions. Once the scammer/hacker gets the banking information, they can commit invoice fraud. They will act as a vendor and send an invoice to an employee. Once it’s paid, the business won’t be able to reach them and banks can’t track them down. This form of fraud is effective because the scammer will make the email appear almost identical to the real vendor. 

Cyber account takeover: Cyber account takeover is one of the worst forms of fraud. This happens when a hacker emails an attachment containing malware to an employee. If the employee downloads the attachment, the malware from the hacker will infect the employee. This causes the employee’s account to be compromised and the hacker can take it over. 

The effects of this can be disturbing because now the hacker has real internal access to a business. They can send the same malware to decision makers within the company and commit fraud at scale and get away with it. 

How can businesses start spotting fraud attempts?

Education: Educating your entire staff should be the first order of business. No employee wants to seem like they were the reason a fraudulent activity occurred, but it’s important to establish a culture of transparency to deter future acts of fraud. Talking openly to employees about fraud will put them on alert regarding suspicious emails and other fraudulent attacks. There are some free resources to help train employees on how to detect fraud online. That’s likely a good place to start for small businesses. 

Continuous updates: Businesses running on legacy systems are far more likely to fall victim to a fraudulent attack. In fraud instances like cyber account takeovers, businesses with old systems stand little chance against experienced hackers. Making sure your business is running on newer systems and software will increase your security and make it far less likely that you will fall victim to fraud. 

Perform routine/surprise audits: Many businesses may be unaware that they are victims of fraud. Although the big fraud amounts get the headlines, there may be routine withdrawals from your business accounts. Taking the time to do a routine or surprise audit in your business can uncover any strange occurrences in your accounting. Performing a surprise audit can be a great tool against internal fraud within the company. 

To learn more about how you can protect your business, take a free assessment here