For small business owners, becoming a victim of fraud can have immediate and long-term financial and security impacts. The good news is with the right information, you can spot the most common types of fraud and help prevent your business from falling prey to them.
Understanding the most common types of fraud
Following are three of the most common types of fraud that impact businesses.
1. Business email compromise (BEC) fraud
BEC fraud is a type of phishing attack in which a fraudster attempts to impersonate a known contact, such as a high-level executive or trusted colleague, and trick a recipient into transferring funds into a fraudulent account. BEC fraud doesn’t usually rely on links or attachments, and that makes it harder to spot than the average phishing email. These emails rely on having enough personal information to accurately impersonate someone you know.
2. Out-of-office (OOO) fraud
OOO fraud is a similar scheme where fraudsters take advantage of the information provided in an OOO email. While out-of-office messages are a courteous way to let others know that you won’t be working, you could be giving away valuable information to potential fraudsters. The standard OOO message includes the contact’s full name, office address, phone number, job title, and line of work. In the hands of a fraudster, this information can be used to impersonate you to get information or money from an unsuspecting colleague.
3. Insider fraud
Insider fraud is carried out by a current or former employee, contractor, or business partner who takes advantage of the data or processes they had access to in order to complete their job.
How to prevent and protect your business fraud
Ultimately, the best way of preventing the three most common types of fraud is to keep private or sensitive information out of the public eye. By committing to a few simple, proven tactics, you can help prevent fraudulent activity from occurring in the workplace.
Keep personal information in emails vague
Remember to keep the personal information in your emails vague–especially in OOO messages. When setting an OOO message or sending an email that could reach recipients you may not know, avoid providing unnecessary contact information or sensitive details about your business. Ask yourself: “Would I share this information with a stranger?” If not, best not to include that information in your email.
Keep private details off social media
Similarly, be aware of what you’re posting on social media and who has access to your profile. Sharing lots of private details on a public account can increase the risk of a fraudster impersonating you.
Be wary of unsolicited phone calls
Finally, you should always be cautious when answering unsolicited phone calls or emails. What’s more, make sure to verify that a request for money or data is legitimate by calling a known and verified number for confirmation. Rule-of-thumb: never offer up personal or financial information to an unsolicited caller.
Document internal controls
You can help prevent insider fraud at your business by implementing a strong system of clearly documented internal fraud controls, including policies for physical and digital data, assets, and communication. Be sure your employees have access to and are trained on those policies. Foster a company culture that promotes accountability, honesty, and transparency. The more your employees understand security best practices, the better prepared they’ll be for handling data or information correctly. And, the more they’ll understand how serious a purposeful breach of those policies is.
Learn more about how Clover helps protect your business from fraud.
This story was originally published on SPARK, a blog designed for you and your people by ADP®.