Home » Blog » Protecting your small business from scams

Protecting your small business from scams

From fake invoices to your data being held hostage, small businesses face a number of threats. Here are some common scams to watch out for.

“Small businesses are a popular target for scammers,” says Prospa’s Cyber Security Manager, Charn Tangson. “While you may think you’re not big enough to be a target, in reality it’s often easier for a criminal to scam 50 small businesses than one or two large ones.”

Also be prepared that scammers can be more active at certain times of the year, particularly when they know small businesses are going to be busy.

“Specific times of the year may be higher risk, such as when you’re doing your quarterly BAS, EOFY and Christmas,” says Charn.

“Cyber criminals tend to take advantage of lack of time as well as certain activities (like a tax refund) to craft personalised scams.”

So, to protect yourself, you need to know the risks. Charn shares some of the top small business threats and scams to watch out for:

Fake invoices, bills or refund requests

Receiving invoices and bills online is a common thing for many small businesses. However, all may not be what they seem. Attackers are frequently crafting invoices that may be incredibly similar to ones usually received by your business, but are fake and direct funds to a different bank account. They also might send you an email telling you you’re due a refund because you’ve overpaid.

These emails can happen if your supplier has been hacked or it may just be an educated guess. And if your supplier has been hacked and you click on the link, you may have just let hackers into your system.

Ransomware

If you click on a malicious link in an email containing a fake invoice, for example, or on a website that’s been hacked, you may download malicious ransomware to your computer and the entire system. Ransomware essentially encrypts all of the files on your computer and holds them hostage until you pay money to unlock it. And, of course, there’s no guarantee they’ll be released.

False awards or directories

You’ve no doubt heard about this or experienced it for yourself: “Congratulations, you’ve been nominated for the ‘best small business award’! Just pay $500 to enter…”

Emails or calls letting you know you’ve won an award or your listing is missing from a major business/contact directory that all of your competitors are in are relatively common.

To win an award, you need to enter or be nominated in the first place. Any payment is made at the time of entry, rather than when you’ve won. So, as nice as it is to hear, take it with the proverbial pinch of salt until you know it’s genuine.

If you’re asked to pay for a directory listing, sometimes the directory doesn’t exist – or if it does, it’s likely to be ineffective. Make sure you do your research.

False threats or extortion

Along similar lines are emails claiming you’ve broken laws or regulations – it could be anything from fake parking tickets to unlicensed software. Also common are recorded phone calls purporting to be from the ATO telling you you’re in breach and threatening legal action, with a request to call back on the number that called you. Don’t.

Fake services

From SEO experts to business consultants, there are many people out there trying to get your money. And some of them may be well worth it. Others, however, are not.

So, if you’re approached by anyone offering services to help your business, make sure you do your research, speak with their clients and only pay once they’ve delivered. And, if it’s a service you genuinely need, approach others to quote on the job to ensure what you pay is fair market price.

Tips to minimise your scam potential

  • Never click on a link to pay or open the invoice until you’re certain it’s genuine.
  • Check the send email address is from the domain it should be from and check the bank details are the same as they usually are.
  • If you need to query the invoice, use the phone number on the sender’s website, not on the invoice. If it’s a fake, the number will go through to the scammer, pretending to be from that business.
  • Always backup your data to a second location. In the event of a ransomware incident, you will have peace of mind that there is at least one fallback to recover your systems and data.
  • Always question services and emails before actioning – if in doubt, call the sender to verify the legitimacy.
  • Always research companies offering awards, directories or services.

Sign up to the Prospa Blog Newsletter for more tips and tricks delivered straight to your inbox.

Primary CTA illustration
You believe business loans should be flexible. We believe it too. That's why we're offering business loans with no repayments for the first 8 weeks. Offer ends June 30. T&Cs apply.
Apply today
Primary CTA icon
You believe business loans should be flexible. We believe it too. That's why we're offering business loans with no repayments for the first 8 weeks. Offer ends June 30. T&Cs apply.

The information in this post is provided for general information only and does not take into account your personal situation. Nothing contained in this post constitutes advice or an endorsement or recommendation of any kind by Prospa. Any links to third party websites are strictly for informational purposes only. You should consider whether the information is appropriate to your needs, and where appropriate, seek professional advice from financial, legal and taxation advisors. Although every effort has been made to verify the accuracy of the information as at the date of publication, Prospa, its officers, employees and agents disclaim all liability (except for any liability which by law cannot be excluded), for any error, inaccuracy, or omission from the information for any reason, including due to the passage of time, or any loss or damage suffered by any person directly or indirectly through relying on this information.

Keep reading

Does the instant asset write-off or temporary full expensing apply to your business this EOFY?

17 May 2021 | 3 min read

With EOFY approaching, so is the instant asset write-off deadline We’ve put together some useful information for small business owners.

View more

Federal Budget 2021: 7 key take-outs for small businesses

12 May 2021 | 5 min read

Federal Budget 2021 includes benefits and subsidies aimed at boosting what the Treasurer described as the engine room of the economy: small business.

View more

The best EOFY investment I ever made

30 April 2021 | 3 min read

From coaching to equipment, these four small business owners used the EOFY to make investments that transformed their businesses.

View more

Subscribe to the Prospa Blog

Be inspired! Sign up to Prospa’s newsletter to receive tips, tools and small business success stories straight to your inbox.