Email scams and phishing: A guide for your business

AAMP and its members have reported increases in email scams and phishing attempts. AAMP would like to remind its members that the association does not solicit members for money, gift cards, event attendee lists, etc. Learn the signs of scams that target businesses and tell your employees and colleagues what to look for so they can avoid them.

The Federal Trade Commission (FTC) offers these tips for your business:

Train Your Employees

  • Your best defense is an informed workforce. Explain to your staff how scams happen and share this FTC brochure with them (https://bit.ly/3dT6dLt)
  • Encourage people to talk with their coworkers if they spot a scam. Scammers often target multiple people in an organization, so an alert from one employee about a scam can help prevent others from being deceived.
  • Train employees not to send passwords or sensitive information by email, even if the email seems to come from a manager. Then stick with the program — don’t ever ask for sensitive data from employees by email.

Verify Invoices and Payments

  • Check all invoices closely. Never pay unless you know the bill is for items that were ordered and delivered. Tell your staff to do the same.
  • Make sure procedures are clear for approving invoices or expenditures. To reduce the risk of a costly mistake, limit the number of people who are authorized to place orders and pay invoices. Review your procedures to make sure major spending can’t be triggered by an unexpected call, email, or invoice.
  • Pay attention to how someone asks you to pay. Tell your staff to do the same. If you are asked to pay with a wire transfer, reloadable card, or gift card, you can bet it’s a scam.

Be Tech-Savvy

  • Imposters often fake caller ID information so you’ll be more likely to believe them when they claim to be a government agency or a person you trust.
  • Remember that email addresses and websites that look legitimate are easy for scammers to fake. Stop and think about whether it could be a scam before you click. Scammers even can hack into the social media accounts of people you trust and send you messages that appear to be from them. Don’t open attachments or download files from unexpected emails; they may have viruses.
  • Secure your organization’s files, passwords, and financial information. For more information about protecting your small business or non-profit organization’s computer system, check out the FTC’s Small Business Computer Security Basics. (https://bit.ly/2S7UdNF).

Know Who You’re Dealing With

  • Before doing business with a new company, search the company’s name online with the term “scam” or “complaint.” Read what others are saying about them.

When it comes to products and services for your business, ask for recommendations from other business owners in your community. Positive word-of-mouth from trustworthy people is more reliable than any sales pitch.