Now that most of the country is working from home and employees are physically separated, businesses are more exposed than ever. BBB reminds businesses to be on the lookout for scams and ensure employees are trained to handle some of the challenges they will face while working from home.
“For the first time, many organizations are conducting business and communicating completely online,” said Mechele Agbayani Mills, President and CEO of BBB serving Central East Texas. “This makes business processes extremely vulnerable in many cases.”
BBB advises businesses to be watchful for the following:
BEC Scams. Business email compromise fraud is an email phishing scam that typically targets people who pay bills in businesses, government and nonprofit organizations. It affects both big and small organizations, and it has resulted in more losses than any other type of fraud in the U.S., according to the Federal Bureau of Investigations (FBI).
The latest twist involves HR Departments receiving calls or emails from a scammer posing as a current employee asking to update their direct deposit or mailing information to receive paychecks. Once the information is provided, the employee’s pay has been sent to someone else.
Tech Support Scam/Ransomware With many of us working from home, you’re more likely to see popup ads offering tech support. These ransomware attacks are becoming a regular occurrence, locking computers and networks using file encryption software, with hackers demanding payment by Bitcoin or other non-traceable crypto-currency to release the data.
Utilities Scam. Scammers often impersonate water, electric, and gas company representatives. The scammer threatens the business owners with deactivation of service if they don’t pay up immediately, usually demanding payment via unconventional methods such as gift cards and wire transfer.
Bogus SBA offer: An email, text or caller ID appears to be from the U.S. Small Business Administration or an attorney representing the SBA. The imposter claims to offer grants just for small businesses affected by the coronavirus outbreak. The short application requests banking and business information. Then the owner is asked to pay a “processing fee” of up to two thousand dollars.
BBB provides the following tips and best practices to prevent your team from becoming victims of one of these scams:
Use good passwords. It’s important to use complicated and different passwords for each of your apps/devices. For more information on how to create a good password, go to bbb.org.
Call to verify. If you get an e-mail requesting sensitive information (to obtain it or to change it) or to do a “favor” for your manager, make sure you call them to confirm that they were actually the individual making the request.
Don’t open attachments or click on links (including pop up ads) without verifying the source. Watch out for scammer grammar and hover over the email address to make sure the sender’s email address indeed came from someone who works for your company.
Do not accept unsolicited support calls claiming to be from Microsoft, Apple, or other vendors.
Keep anti-virus/anti-malware software up to date on all of your devices. Ensure that Windows PCs are rebooted regularly and that Windows Updates are routinely installed.
Government websites end in .gov. Legitimate government entities will have websites and emails that end with .gov such as SBA.gov. Also remember that if you didn’t apply for a grant, you’re not eligible to receive one, and the government will not contact you via text message or ask you to pay fees.
Train and educate your staff. It’s important to ensure your employees are aware of the risks and provide effective countermeasures and to put policies in place so requests for financial and other sensitive information are verified first.
If your company doesn’t already have a security training program in place, now is the time to beef up staff training. It only takes one successful phishing attack to compromise a company’s network, steal millions of dollars or lose the trust of your customers. BBB State of Cyber Security is a source that’s free and provides the basics on securing your business. For more tips on how to be a savvy business during this outbreak, go to bbb.org. To report fraudulent activity or unscrupulous business practices, go to BBB Scam Tracker.