How to Avoid Scammers During the Pandemic

On top of all the chaos that Covid-19 is causing to small businesses, one of the biggest and most insidious is scams. 

Small businesses are often targeted more heavily than larger companies because many don’t have full-time IT personnel or the type of advanced cybersecurity options that global businesses can afford. And the particular quirks about how Covid-19 has affected small businesses has opened up a plethora of new scams in addition to more common ones. 

Let’s break down some of the most common scams and how to protect your small business from them while working remotely.

Fake Business Loans and PPP Applications

A very common scam during Covid-19 has been fake Small Business Administration emails and web pages. These are set up to steal sensitive business information by prompting small businesses to respond to a fake email or fill out a fake small business loan application. This scam has been so successful that the Department of Homeland Security issued an alert to help small businesses be aware of this type of scam.

And even though the Paycheck Protection Program reached its cap back in April 2020, that didn’t stop scammers from mimicking the PPP website to target small businesses that were still waiting to receive their PPP funds.

A straightforward way to protect yourself from these types of scams is to always verify your source. If you get an email that seems to be from a government agency, do a quick Google check to see if the websites match up. If you need to apply for a small business loan, do your due diligence to ensure that you are actually applying through the correct government or bank website.

Email Phishing

Email phishing has been around since the 90’s because it is an effective way for hackers to gain access to your data. Always check your email sources before opening suspicious emails, even if they look like they may be coming from legitimate sites. 

As in the example in the point above, do a quick search to verify that email addresses are coming from legitimate sites. Remember that government organizations will always have an email or website that ends in “.gov”; for example, all Small Business Administration email accounts will end in “sba.gov.” 

And related to this, Zoom phishing became a thing this summer! Scammers send out a fake Zoom email that directs users to reset their password or verify their account on a fake page designed to capture emails and passwords.

Make sure that your employees are protected from all types of phishing scams by setting up strong firewall and antivirus systems to prevent scam emails from landing in their inbox. Also provide training and encouragement to check sources as suggested above, so that your employees feel equipped to assess any potential scam that does make its way to their inbox.

False Invoices

Scammers also take advantage of small businesses by creating an invoice for goods or services and demanding immediate payment. You can protect yourself from this type of scam by keeping excellent records and bookkeeping. Maintaining a meticulous account of bank account records, business transactions, invoices, and financial reports will save you a lot of headache and maybe even a lot of money in the long run, since you’ll be able to cross-check your own records against the supposed evidence from a potential scammer.

Train your employees to carefully check every invoice and bill before paying, and consider limiting the number of staff that have access to or process your billing. If you do have more than one person managing this, have them check in with each other frequently especially if someone gets a bill that is questionable. Be especially wary of bills that request payment by an untraceable source, such as gift cards or wire transfers.

Don’t be taken in by threats to pay an invoice by a certain date if you are suspicious of its accuracy. It is always better to take the time to verify your business contracts and records before you submit a payment. 

Tech Support Scams

This type of scam often preys on elderly individuals, but small businesses are frequently targeted as well. You might get an alarming call or a computer pop-up notifying you of a problem with your computer, a security system that needs updating, or some kind of software maintenance or upgrade that is available. The scammer will use this as a way to gain access to your computer and anything stored on it. 

If you think there may be a serious issue, hang up and call the customer service line for your laptop or software provider. If you do have a legitimate issue, they’ll be able provide support and you’ll know you have the right people helping you.

When in doubt, wait it out

Remember, scammers operate on fear. Their communication with you is designed to create the most confusion and fear possible, and capitalize on that by getting you to act urgently in their favor. Ask your colleagues for advice and don’t be afraid to pursue legal counsel before responding to a potential scammer, no matter how real or legitimate their threat may seem. 

It is always better to give yourself a few days to verify information and gather evidence. Odds are, a scammer will be increasingly agitated, unprofessional, and threatening towards you if you do not respond quickly. Waiting it out gives you a chance to assess their behavior and response, which should be a big clue as to whether or not their threat is legitimate.

Having a strong cybersecurity system in place is the first step to thwarting potential scams. Tech Masters can provide an assessment and help you select the best security systems for your small business.