How to steer clear of extortion, wire fraud and other business scams

If you have been targeted by any scam, always file a report with the Canadian Anti-Fraud Centre, whether you paid money or not (Shutterstock/Amy Walters)

When it comes to business scams, preparation is crucial.

“Businesses should always have a plan in place to be able to react quickly if they are targeted by scammers,” says Jeff Thomson, manager of the fraud prevention and intake unit at the Canadian Anti-Fraud Centre. “Everyone in the business needs to be trained and familiar with the plan.”

Here are some tips for recognizing, avoiding—and if necessary, responding—to common business scams:

EXTORTION

• Have a plan in place to prevent and respond to cyberattacks.
• Back up your files regularly.
• Make sure anti-virus and other security software is up to date.
• Train employees to be vigilant, including teaching them to never click on links or open attachments from unknown senders. [See Cyber hygiene: Are your remote workers in the know?]
• Have an employee policy in place to confirm requests for payments and purchases, in person or verbally with people authorized to approve them. 
• If you see a pop-up message or a banner with a ransom request, report it to your local police and speak to a local computer security or repair company.   
• If you get a call from someone who says they are from your hydro utility and want immediate payment for an unpaid bill, hang up and call your utility. Utilities companies never ask for banking information over the phone and do not accept prepaid credit cards or bitcoin as payment. 

SALE OF MERCHANDISE AND SERVICES: CNP

Watch out for the following red flags indicating possible “card not present” fraud: 

• Customer requests “rush” or “overnight” delivery.
• One card used with multiple shipping addresses.
• Delivery to an international address.
• Billing address differs from the shipping address.
• Orders made using different names, addresses, and card numbers but from a single IP address.
• Orders from repeat customers that differ from their regular spending pattern.
• Multiple transactions on a single card over a short period of time.
• Multiple cards used for one order (cards keep getting declined).
• First-time customer and the order does not fit the “average” customer purchase pattern. 
• If you accept CNP orders, call your processor (the company that authorizes the transactions and facilitates the transfer from the customer’s account to your account) and ensure security measures are in place to prevent victimization and reduce unwanted chargebacks.   
• If you accept CNP orders, use the automated verification tools supplied by your acquirer (usually your bank) and payment association. 

WIRE FRAUD 

• Beware of irregular email requests for urgent fund transfers. 
• Watch for spelling and formatting errors in emails and be wary of clicking on any attachments, because they can contain viruses and spyware. 

DIRECTORY SCAMS 

• Educate employees at every level to be wary of unsolicited calls. Post notices and discuss during staff meetings. 
• Compile a list of companies that are typically used by your business and authorize only a certain number of staff to approve purchases and pay bills. 
• Inspect invoices thoroughly before making any payment. (Fraudsters will use real company names such as Yellow Pages to make the invoices seem authentic.) 

SPEAR PHISHING 

• Verify the source of any email requesting payment.   
• Take extra precautions when sending funds/making purchases.  

If you have been targeted by any scam, always file a report with the CAFC toll-free at 1-888-495-8501 or online, whether you paid money or not. 

WANT TO AVOID ALL KINDS OF SCAMS AND SCHEMES?  

CPA Canada has a number of resources that can help, including The big scammers can ruin your life and your business and How to protect your smart phone. You can also organize a fraud protection session in your community with a CPA Canada volunteer.