Skip to main content

Protecting Your Small Business from Fraud and Scams

Small businesses vitalize our communities and make Massachusetts a fantastic place to live and work. Unfortunately, small businesses are also common targets for scams and fraud. Business owners can protect themselves and their business by learning how to identify and stop scams before they happen. This article identifies common types of scams that target small businesses—including specific communication tactics that scammers use to convince business owners to buy into their schemes—and provides actionable tips for protecting your small business.

Common Types of Scams Targeting Small Businesses

According to the FTC, small business owners should beware of these and other scams that frequently target small businesses.

1. Tech Support Scams

Scammers may call or send an alarming pop-up message pretending to be from a well-known company, telling you there is a problem with your computer security. Their goal is to get your money, access to your computer, or both. Never click any links embedded in unexpected emails, even if the email appears to be from a trusted source.

2. Social Engineering, Phishing, and Ransomware

Cyber scammers can trick employees into giving up confidential or sensitive information, such as passwords or bank information. It often starts with an email, social media contact, or call that seems to come from a trusted source, such as a supervisor or other senior employee, but creates urgency or fear. Scammers tell employees to wire money or provide access to sensitive company information. If you receive an urgent email asking for money or information that appears to come from a trusted source, try contacting that person through another channel, such as over the phone, to confirm the legitimacy of the message.

3. Government Imposter Scams

Scammers may impersonate government agents and threaten to levy fines or suspend business licenses if you don’t pay taxes or fees to renew your registration. Some businesses have also been scammed into buying required workplace posters that can be ordered for free from the Department of Labor. If you receive a call from a purported government official, the best thing to do is to hang up and call the agency at the number posted on their official website. Do not call them back at the number that called you.

4. Fraudulent Invoices

Scammers may create fraudulent invoices that look like products and services your business uses, like office supplies or website domain registrations. Scammers know that when the invoice is for something critical, many small business owners will pay first and ask questions later. Pay close attention to invoices for services that are critical to keeping your business up and running, or invoices that create a sense of urgency with short deadlines or threats of repercussions for late payments.

5. Unordered Office Supplies and Other Products

Scammers may call to confirm an existing order or offer a free sample, then send unordered merchandise followed by high-pressure demands to pay for it immediately. Keep in mind that if you receive merchandise you didn’t order, you have a legal right to keep it for free.

What Are Common Red Flags that May Indicate a Scam?

Scammers often employ similar tactics to gain your trust and exploit it for money or sensitive information. Be on the lookout for these tactics:

  • Scammers pretend to be someone you trust. They make themselves seem believable by pretending to be with a well-known company or government agency. Fortunately, you can almost always contact trustworthy government and business entities using a publicly available phone number or website to confirm whether the contact you received was legitimate.
  • Scammers create a sense of urgency. They rush you into making a quick decision before you have time to consider the consequences. Don’t rush important decisions and remember that the impact of falling for a scam may be more severe than failing to provide information or money timely to a legitimate agency or business partner.
  • Scammers use intimidation and fear. They tell you that something terrible is about to happen to get you to send a payment before you have a chance to check out their claims. Don’t fall for intimidation tactics, and don’t be afraid to contact companies and agencies through another channel to verify the contact.
  • Scammers use untraceable payment methods. They often want payment through wire transfers, reloadable cards, or gift cards that are nearly impossible to reverse or track. Government agencies and reputable businesses will not make similar demands for untraceable, irreversible payments.

How Can I Protect My Business?

1. Educate Your Employees

  • Order and share copies of the FTC’s Scams and Your Small Business booklet by clicking the link here. The booklet is also available in Spanish. All FTC publications and shipping are free.
  • Encourage your employees to share with their coworkers if they spot a scam. Scammers often target multiple people in an organization, so sharing information may head off a scam before it’s successful.
  • Train employees not to click unexpected links or share sensitive information, like passwords, via email. Then, stick to the program. Do not ask employees for sensitive information via email.

2. Verify Invoices and Payments

  • Train yourself and your staff to check all invoices carefully and never pay unless the bill is for items that were ordered and delivered.
  • Establish clear procedures for approving invoices and expenditures, then stick to the process. A good procedure will ensure that major spending cannot be triggered by an unexpected email, call, or invoice.

3. Be Tech-Savvy

  • Phone numbers, email addresses, websites, and social media profiles can be convincingly replicated, or “spoofed” by scammers. If you receive an unexpected or strange communication that instills fear and requests urgent action, assume that it’s fake until you’re able to verify it through another channel.
  • Take common-sense steps to protect your business files and devices, like turning on two-factor authentication and using strong passwords. Check out the FTC’s Small Business Computer Security Basics page for more helpful tips.

No business is immune from scams and fraud attempts. By learning to spot scams and taking simple steps to protect your business, you stand a better chance of identifying scams and stopping them before they can harm your business or personal finances. If you do spot a scam, report it to

For more information about how Cambridge Savings Bank can help your business thrive while staying safe from scams, please reach out to a Cambridge Savings Bank business banker today.