News

This is how scammers “hunt” SMEs and the self-employed

There are more and more online scammers out to ruin business owners. These criminals pretend to be Google and have made SMEs and freelancers pay by a business profiling service which is originally free. Although it is encouraging to see large organizations committed to smaller ones, if the latter do not remain vigilant, their efforts will be in vain.

Small companies represent more than 90% of the corporate fabric and are very interesting for those who are dedicated to digital fraud. In fact, according to the security firm Kaspersky, there is a whole industry of scams that target SMEs and the self-employed. Unlike those who target ordinary users, B2B scammers take a more individualized to create effective methods of social engineering. Although they spend more time developing and running scams for these profiles, the rewards are also higher than for regular users.

The most commonly used social engineering tactics are detailed below:

Impersonate trusted vendors

Large companies have specialized departments and procedures to ensure that the provider they are going to work with is trustworthy, while SMEs may lack these resources with which to identify scams at an early stage.

Cybercriminals lure business owners with offers that are too good to be true (and expire quickly), flexible terms, and most importantly, a trusty-looking website that impersonates an authentic brand. However, when the sucker pays the bill, the supplier disappears. Scammers impersonate any type of organization, from travel agencies to wholesalers.

Warning, scroll to continue reading

false events

Acquiring knowledge, sharing experiences and expanding the commercial network is crucial for business development. This is known to scammers, who do not hesitate to create fake events to profit. They send invitations and sell fake tickets from apparently professional pages for conferences, round tables or awards in which relevant speakers participate in interesting debates. Events that will never take place.

Blackmail through bad reviews

Reputation means more profit for the company, and scammers know it. In this way, they write negative reviews of hotels, restaurants and other businesses and then send emails to the victims offering a service to remove those reviews from Google, TripAdvisor and other websites. It goes without saying that the service does not exist.

Distribution of spear phishing

Phishing is one of the most popular and simple methods to obtain information necessary for theft from companies (access data to bank accounts, passwords, etc.). In the case of spear phishing, so in vogue lately, scammers send emails to the person in charge of managing the company’s budget (owner, accountant, etc.). They pose as banks, business partners or other companies and request a payment or certain information from employees or company accounts.

Different specialized projects, such as GEIGER, in Europe, work on the important task of informing SMEs about cyber risks. In order for companies to be safe from this type of scam, the following basic cybersecurity rules must be respected:

  • Do not give in to manipulation or blackmail. Scammers always seek to destabilize and force the victim to make hasty decisions.
  • Check spelling or any suspicious signs in emails from new senders.
  • Always report scam attempts.
  • Educate yourself and educate the workforce. Cybersecurity knowledge can be acquired through online courses.

Related Articles