We hear a lot about the impact fraud has on the consumer. Maybe you saw charges you didn’t authorize on your credit card, or maybe it happened to a friend. Did you realize you need to protect your business from B2B fraud?
Identify theft and phishing scams are seemingly commonplace threats to our personal financial security, but what about businesses? Are they vulnerable to the same fraud schemes as individuals are?
Yes, they absolutely are, though there is sometimes less media focus on businesses who are the victims of fraud. The increasing role that e-commerce and virtual transactions play in our everyday lives will only increase the number of businesses impacted by fraud as time goes by.
Small business fraud can be devastating, and due to a lack of protections for small businesses affected by fraud, particularly with business debit cards, the onus of protection typically falls on the business owner.
For that reason, it’s essential that you learn how to protect your company and understand the types of fraud you may be subject to. Here are a few tips to understand the risk of fraud and proactively protect your business.
The 10 Most Common Fraud Scenarios for Small Businesses
While new types of fraud pop up over time, there are some common types of small business fraud that you should watch out for:
- Payroll fraud
- Debit card fraud
- Employee misuse of credit cards
- Account takeover
- Business identity theft
- Commercial bust-out
- Shell Companies
- False invoicing
- Voicemail message scam
While larger corporations may be more susceptible to fraudulent activities like data breaches, smaller businesses have different things to be worried about. In fact, small businesses are more likely than large corporations to be hit by fraud.
There are many types of both offline and online fraud that can impact your business, and you’re probably already aware of at least a few of the ones on this list. However, becoming familiar with these major fraud types that have plagued the business world (including small businesses) can help you not only identify them when they come along but also help you prevent problems and lower the risk of being attacked.
Types of B2B fraud.
1) Payroll Fraud
Payroll is a necessary expense for your business, but it’s not one you want to overpay on. Yet there are many instances of payroll fraud, where an employee falsifies information in order to get more money from his or her employer.
There are many forms of payroll fraud. An employee might fudge the numbers on a timesheet to get paid for work they didn’t do. An employee might punch in for a coworker when that coworker hasn’t shown up for work yet. Someone with access to your payroll system could create a “ghost employee,” a fictitious individual who gets a check despite not actually working at the company.
What you can do: Know who monitors your payroll system, and do a spot check now and then. Carefully review timesheets and talk to managers to ensure they match with the hours employees are working.
2) Debit Card Fraud
You may, as an individual, have had a debit card hacked. Maybe you got a notification that there was an unusual charge on your account. Somehow, hackers duplicated your debit card number and used it to make purchases.
The same can happen with your business debit card, and you actually have less protection than you do with your personal card.
What you can do: It’s better to use business credit cards because you are only liable for up to $50 of fraudulent charges. Most credit card issuers won’t even make you liable for that.
3) Employee Misuse of Credit Cards
You may find it useful to give certain employees their own company credit card to make purchases for your company. Realize that this may put your business at risk of fraud internally. It’s likely most of your employees are trustworthy, although there may also be employees that abuse the privilege of having a company card by making unauthorized personal purchases.
What you can do: Limit who has a company card. For most expenses, employees can get reimbursed once you or your accounting team review the transactions.
4) Account Takeover
Similar to the phishing and telephone scams that compromise personal identities, this type of fraud involves the interception of credit card or account information that is later used to place orders or otherwise defraud a legitimate business. This particular type of fraud accounts for $2.3 billion in losses a year, for both business and personal.
What you can do: Instruct your team to use different passwords for each site they log into. Be mindful of where you’re inputting financial data.
5) Business Identity Theft
This type of fraud involves a perpetrator opening business accounts under the name of a legitimate business. Here, the applicant acts as the business owner (or a representative) and utilizes this contact information to apply for credit or open accounts.
What you can do: Regularly monitor your personal and business credit reports to look for suspicious activity. Report anything unusual immediately to the credit bureau and the bank.
Hackers can impersonate someone you trust, like a vendor, and get you to send them money or authorize a financial transaction. They can also get you to click on a file that, once downloaded, can wreak havoc on your entire IT system, in a type of phishing called ransomware. The scammers then demand a ransom for you to get your data back up and running.
What you can do: Train employees to look at email addresses, not just the “from” field, to verify that an email came from the right domain. Tell them never to send sensitive financial data over email or click on unfamiliar attachments.
7) Commercial Bust-Out
You’ve likely had nonpaying clients before, wrote off the loss, and moved on. But it’s possible that you’ve been the victim of commercial bust-out fraud, where the criminals set up a fake business and buy goods and services from companies like yours with no intention of ever paying for them.
What you can do: Require payment up front, particularly for new customers. Run their credit to see if they have a business or personal credit history that stands up.
8) Shell Companies
These are companies that are set up with the specific purpose of committing fraud. The company will not sell a product or provide a service, but instead use the company to launder money. These businesses rarely have a physical location, but if they do, it is typically a storefront used solely to fake legitimacy.
What you can do: While it can be difficult to get real information about who runs a shell company and what it does, do your best to find out as much as you can about a company you plan to do business with.
9) False Invoicing
False invoicing more often happens in mid-sized businesses where there are multiple people handling accounting and financial tasks. The invoice is for products or services not rendered, but the hope is that it will be paid without being scrutinized.
What you can do: Have a single person in charge of paying invoices in your accounting department and have them confirm that the services or goods on the invoices were received and that the price is what was agreed on.
10) Voicemail Message Scam
A more recent addition to the types of fraud small businesses suffer from involves voicemail delivered via email (a feature many businesses use). While the email may appear official, clicking on the attachment in the email could download malware to your computer.
What you can do: If you use a voicemail service, instruct employees to only open emails from that domain name. Anything with an attachment that is from another domain should be forwarded to your IT department to analyze and report.
How to Protect Your Business from B2B Fraud
While there is no way to completely remove the risk of B2B fraud for your company, there are measures you can take to avoid becoming a victim.
Avoid B2B Fraud by Verifying All Information
Perhaps the easiest and most important step in B2B fraud prevention is verifying the information provided by new potential clients.
If you will be extending terms to another business, or making a large sale without collecting money up front, always make it a point to thoroughly review and vet information provided by the business. From the proper name of the business and the owner/representative to the physical location of the business, make sure everything on the application is accurate, and ask questions if it is not. A Google search is a great place to start.
Additionally, if your business is contacted by a representative who says she’s with a bank, credit card company, or government agency, always verify the legitimacy of the business/organization and their request before providing any sensitive information.
Track Credit Information
You can track the credit details of other businesses to ensure that you are dealing with responsible, credible business partners. Unlike personal credit, which is protected by the FCRA (Fair Credit Reporting Act), anyone can pull a business’ credit reports at any time without permission. Nav’s Paid plans allow you to find detailed credit information on up to five different businesses.
If you see any red flags, ask for full payment up front, otherwise, you might never see the money.
Monitor Accounts & Invoices
It’s easy to let invoices stack up without thoroughly reviewing them before you quickly pay them just before they’re due. Unfortunately, that behavior can easily leave you and your business a victim of fraud.
Make sure to review each and every invoice and confirm that what’s on it was received by you or someone in your company, for the price on the invoice.
Also, keep an eye on your business bank account for suspicious transactions. At the first sign of fraudulent activity, contact your bank immediately.
Use Credit Cards Rather than Debit Cards
Not only does using a credit card let you conserve your business’ cash, but it also can reduce your risk of fraud. Many credit cards offer free fraud detection; if you’re not satisfied with the level of service available, there are companies you can work with that will also provide these services for a fee.
Educate Yourself & Your Staff About B2B Fraud
You can’t always be on the front lines of your business, but you should always be able to trust that your employees can run things efficiently in your absence. Educating those who work for you on the types of B2B fraud and how to prevent them can help you remain confident and secure that your employees will help you protect your business.
Know Who You’re Hiring
Much of business fraud is internal, meaning that the people you trusted enough to hire can sometimes betray you. That’s why it’s so important to enforce strict measures on who you hire and the hiring process in general, particularly for positions like a bookkeeper, who has access to sensitive financial data.
Run background checks on any employees who will work in accounting or areas that have a high level of admin rights. At the first sign of fraudulent behavior, terminate an employee and revoke all access to your systems.
Nav’s Final Word: B2B Fraud
Fraud happens. While there’s not yet a means to eradicate it completely, being smart with your financial activities, training your employees to detect potential concerns, and being thorough in the hiring process can keep you from being a victim of fraud.
If it does happen, contact your local law enforcement.
This article was originally written on February 1, 2016 and updated on March 11, 2020.