The three-letter message on the caller ID strikes fear in any American’s heart: IRS. You pick up the phone, nervously, to hear a somber voice with an unsettling message.
“This is the IRS,’’ the voice intones, confirming the caller ID information. Adjustments have been made to your tax account and an immediate payment is due, the caller is informed. Payment must be made over the phone by cash, wire or services, such as MoneyGram. Even iTunes gift cards will suffice. If not, police will be at your location within an hour.
Reading about such an incident should trigger internal alarm bells. This kind of call, with these unusual forms of payment, sounds like a scam. And it is.
And these scammers are clever. They use technology to falsify caller ID information and even use the names of actual IRS employees – obtained fraudulently, of course.
The cost to small business can be devastating
Small businesses are especially vulnerable. Businesses with fewer than 100 employees have the highest percentages of fraud, according to a report published by the Association of Certified Fraud Examiners. The same report shows that small businesses lost a median of $154,000 while businesses with 10,000 employees or more were hit with a median loss of $160,000.
To put this in perspective, the $154,000 loss averages out to $1,540 per employee, while a much larger business takes a far smaller hit of about $16 per employee. For smaller businesses dealing with a much lighter cash flow than their larger counterparts, losing this much money can have a serious – even a potentially door-closing – impact.
Fight back with this powerful tool
So how to avoid these sophisticated and too often successful scammers?
Arm yourself with the most powerful weapon any targeted business can possess: information. The IRS reminds the public that understanding their methods of operation can help sound the alarm at unusual activity.
The IRS, for example, does not contact people or businesses by phone; they use the U.S. mail. They don’t request personal information such as credit cards and Social Security numbers over the phone. They don’t threaten arrests or lawsuits when making contacts.
And unlike your teenage niece, they have no use for iTunes gift cards. Or any gift card for that matter – or for MoneyGram or Western Union transfers.
To report a possible IRS scam, fill out the IRS Impersonation scam form at www.tigta.gov or file a complaint with the Federal Trade Commission at www.ftc.gov.
Other popular schemes scammers are using
Unfortunately, phony IRS calls are far from the only scams that target small businesses. The Federal Trade Commission reports that small businesses have been hit by directory scams. A phony “directory company’’ promises to expand the reach of your business by including a listing in a directory that, of course, does not exist. But by the time you realize it, the money sent to the company for this promising listing has vanished, along with any potential directory.
Then there are attempts to hack into your business computer to access sensitive information.
“Lately we’ve heard reports that people are getting calls from someone claiming to be from the Global Privacy Enforcement Network,’’ Andrew Johnson from the FTC’s Division of Consumer and Business Education said in an alert released by his division.
“Their claim? That your email account has been hacked and is sending fraudulent messages. They say they’ll have to take legal action against you, unless you let them fix the problem right away,’’ he said.
If victims ask questions, the scammer provides numbers to the Federal Trade Commission or directs them to the web site for the Global Privacy Enforcement Network, a very legitimate web site that works on cross-border privacy issues and has nothing to do with this scam except for the unauthorized use of its name.
Take steps to avoid being victimized
To avoid problems, Johnson recommends taking the following steps:
The most crucial step to take is to back up all your data correctly should the worst happen.
If you have concerns regarding your computer or a specific piece of software, contact the respective company directly. A representative can confirm whether there is in fact an issue with your computer – or whether that issue strictly exists in the greedy heart of a scammer.
Anyone who falls victim to this scheme or other tech-support scams is urged to report the incident directly to the FTC at www.ftc.gov.
Other scams make front page news, including the infamous ransomware scheme, that can encrypt digital files and render them useless unless a hefty ransom is paid. About 4,000 ransomware attacks occur every single day in the United States, according to the US Department of Justice.
Know who to trust
Again, information and communication are the best defense against these criminal minds. Remind your employees to use extreme caution when opening email attachments or clicking on links within emails. When in doubt, don’t open it. Instead, reach out to reliable sources, including the software provider itself.
Be loyal to those who you know and trust – and be in the business of casting a wary eye to all others. Your livelihood could depend on it.
Reward your employees by becoming a Hanscom FCU Bank at Work partner. Membership is free, and the benefits will save you and your employees money.
Others are reading: