I usually like to believe the best in people. I really do. Recently, however, I lost a little more faith in humanity after I was targeted by a scammer last week. I realized that no matter where you look, across various parts of the globe, and across various parts of time, there will always be a percentage of the population that’s bent on making a quick buck. And they will usually do so by preying on the innocence and ignorance of others. So, in an effort to write more blog posts, I thought I’d share some wisdom on common scams that small business owners might run across.
Overpayment scam –
This one seems innocent enough. Potential customer writes you a check that’s more than the amount due, and says “Oops! Just send the remaining money back to me.”
I recently received an email from a potential client. I sent him an an estimate and the amount due for a deposit. He requested that I run his credit card for over four times the amount of the deposit, keep a portion, and send the rest back to a colleague of his. Seems fishy enough by itself, but here’s what’s happening on both counts:
The check or credit card is stolen. Checks take several days if not a week or two to completely clear the bank. Credit cards may take even longer. Once it finally bounces, you become responsible for the entire amount, while they are holding a nice wad of cash. And with the increasing popularity of services such as Square, stolen credit cards are becoming more popular to be used in this fashion.
How to avoid it: Insist on taking payment methods that have fraud protection. Talk to your bank or an accountant for more information.
Directory scam -
I ran into this one several times while working in an office in downtown Portland. Phonebook 101. When one has a land line, business or residential, the phone company that owns the line publishes a phone book for the lines they run. Technically there are several phone books out there. With the rise of mobile phones, the sizes of those phone books are getting smaller, as they do not list mobile numbers. So where does the scam come in? Well, since there are so many phone books out there, it is common to receive a phone call from someone claiming to be from some version of the Yellow Pages, and needs to update your information.
The sneaky part is that they usually tack on several hundreds of dollars in “advertising charges” for a “listing”. But I didn’t give them my credit card number! You might be thinking. That’s ok. I’m no attorney, but somehow, third party companies are able to add charges to your phone bill for various services. So you don’t need to give them your credit card number. They’ll just add it to your phone bill.
How to avoid it: If you have a land line and you receive a call asking that you update your information, hang up. Phone books are printed with information on file with the phone company. As long as they have your up-to-date information, it’ll be accurate. If you do not have a land line and you receive a call asking that you update your information, hang up. Mobile numbers aren’t listed in phone books anyway. Voice-over-ip services are also not listed. If you are in an office that uses a phone service like Shoretel or something similar, that’s over the internet, not a land line.
Phishing scam -
This one is complicated. It involves an email with a link or attachment that will go after your identity, usually sent by a fake address but one that looks legitimate. Luckily, most of the popular email servers have some decent built-in phishing blockers. But every once in awhile, I’ll see an email from UPS, for example, claiming to have information on a delivery. I just have to open the attachment or click the link. That’s silly. UPS doesn’t email, they leave a sticker on your door.
How can a program steal your identity? You might ask. The most common way is using what’s called malware. If you’re browsing a website and you get a pop-up message requesting that you download a toolbar to continue, or that you need a specific video player, close your browser and don’t return to that site. Usually those installs are some form of malware. And the most common malware is called a key-logger. What those do is log every key stroke you type on the keyboard. Combine it with an internet browsing history and boom. They have figured out all of your passwords. Key-loggers can also be used to hack into, say, an online video game you might play. Real money is usually not involved with that, but it is annoying to come back and find your character naked and all of your in-game currency gone.
If you don’t already have a good anti-virus program on your computer, get one. I really like AVG. It’s free, and no, they have no idea I’m recommending them. AVG will regularly scan your computer and any incoming email attachments for viruses. Lavasoft also has a program called Ad Aware, which is similar to an anti-virus but specifically looks for malware on your system.
I can go on and on about digital hacking, identity theft, and how furious the whole thing makes me. But here are some basics. I hope it helps.