It’s not just big businesses that need to worry about fraud and scams. Small businesses are equally at risk of losing vital data and money to online fraudsters and their infamous schemes.
In 2022 alone, the Federal Trade Commission (FTC) reported approximately 8.8 billion dollars worth of losses to online scams.
This startling statistic highlights the growing importance for business owners to take measures to safeguard and protect their businesses from such threats.
As such, we have compiled this article to teach you how to protect your business from scams, specifically, PayPal invoice scams that have recently been showing up in business and personal email accounts.
PayPal invoice and payment request scams are designed to deceive PayPal account holders into paying for a product or service they never ordered or divulging personal and financial information over the phone.
PayPal invoice scams can, in fact, happen in three different ways:
The purpose of these types of PayPal scams is to get you to pay for a fake invoice or call a fake customer service number.
If you do call the number, the person on the other line will likely act as a PayPal employee and try to pry personal and financial details from you over the phone.
For many online businesses, PayPal is their default payment processor, and as such it is important to be aware and wary of such PayPal invoice scams. Knowing these types of scams exist in the first place, is the first step towards avoiding them.
If you receive an email invoice or payment request through PayPal that looks suspicious or is for a product or service you never ordered, simply don’t pay for it.
Sometimes, invoices can appear quite authentic and are even sent through PayPal’s official payment request system. However, you need to look closer.
First, look at the actual email address that the email was sent from not just what you see as the display name. Next, pay attention to details such as the “Bill to” name. It should have your name on it or your business’s name, not something generic such as “Paypal User”.
Check the PayPal invoice number and make sure the invoice has no spelling errors or any suspicious phone numbers or links. Also, make it a point to always cross-check any invoice with your internal records. If you have no record of such a purchase, that should be an automatic red flag.
Even if the email looks official but is asking you to click a link or call a phone number, don’t do it!
The best way to protect your business from potential invoice scams is to ignore these emails and report them to PayPal.
You can also simply log in to your PayPal account, either through the website or the app, and check to see if any action is needed on your part if you have received an email asking you to “resolve an issue” on your account.
Also, as a rule of thumb, you should never send money to any cryptocurrency wallet that is mentioned on an invoice or money request. Regardless of where it is from.
To report any type of unwarranted PayPal invoices or money requests simply log in to your PayPal account, whether online or through the app.
When reporting via your web browser simply click on the Activity tab and you will find the option “Report this invoice”. Simply click the option and follow the steps.
If you are reporting via the app go into the payments tab, then tap on bills. Find the invoice or money request in question and when you click on it you will see the option “Report this invoice”. Simply tap that and follow the steps.
If you want to report a suspicious email, you can simply forward that email to phishing@paypal.com. After you do, make sure you delete it from your inbox. The PayPal team will look into it and take any necessary action needed.
Apart from reporting these scams to PayPal directly, you can also report fraudulent phishing emails to government agencies such as the FTC, as well as credit bureaus and other financial institutions.
If you would like to report a PayPal fraud or any unauthorized activity immediately, click here.
As a business owner, protecting against scams and fraud may not be on your priority list of things to do. However, it should be.
Fraud protection can include many types of practices, measures, and strategies such as the implementation of internal controls, employee background checks, employee training, risk assessments, cybersecurity, and audits to help reduce the risk of potential scams and protect the business’s reputation, assets, finances, and vital consumer data.
Therefore, businesses of all sizes need to have, at the very least, these five protective measures in place to safeguard against hackers, scammers, phishing, and/or email fraud.
We can’t stress this enough. Today, hackers use sophisticated software programs to guess passwords. The weaker your password is the easier it is to guess and the easier it is for any hacker to gain access to your accounts.
This is why you must set strong and secure passwords that are nearly impossible to guess. Strong passwords have at the very least 8 characters, this includes one character that is capitalized and at least one special character such as a !, $, or @ sign.
Always make sure that your businesses’ computers are running on the latest version of whatever Operating System (OS) you may be using and that they are all installed with business-grade anti-spyware and anti-malware software.
Note that free or limited-featured anti-virus software is not enough to protect your business from online threats, regardless of how small your business might be. That is why it is recommended that all businesses seek out Managed IT and Cybersecurity Services to help keep online threats at bay.
Phishing emails are easy to spot if you know what you are looking for. Some email scams are relatively easy to spot as they come from flagged sources or have subject lines such as “Claim Your Free Gift” or “Your Payment Details for XYZ Site Has Expired. Click Here To Update Information.”
However, sometimes phishing scams can be a lot harder to detect, such as the PayPal invoice scams that have sprung up recently.
So, as a rule of thumb, you and your employees should make it a point to never open any links, files, or attachments from unrecognized sources.
You should also train your employees to send any email that they deem suspicious to the IT team for investigation. They should under no circumstances respond or click on anything in that email until they get clearance from the IT team.
By being vigilant and taking precautions whenever possible, you give your business the best chance to remain unscathed from malicious malware, scams, and hackers.
If you are accepting payments from your website or e-commerce platform you need to be doubly careful about online safety and security.
Making AVS and CVV mandatory during checkout is one of the best and most effective forms of fraud protection. This is because while hackers can get your credit card number and expiry date it is almost impossible for them to know the billing address attached to that card or the CVV number behind the card unless they have the physical card with them.
Most payment processing solutions support both AVS and CVV as part of their checkout templates. You just need to make sure you are using these tools that are at your disposal not just to safeguard your business but also your business’s reputation and customer base.
We have all heard those horror stories of people’s laptops being hacked into while connected to an unsecured Wi-Fi network, whether that be at a restaurant/cafe or at the airport.
This is why it is best to always stay connected to a secure Wi-Fi network that is protected by a firewall, has access and guest restrictions, and a strong and secure password.
If you are using an unsecured Wi-Fi network, make sure you have the best firewall installed and the best cybersecurity services at your disposal.
Unfortunately, with advancements in technology and our dependence on it, online scams and frauds are not just increasing but are harder to track and even harder to identify.
As a business owner, you need to be aware of all the different types of online fraud that could pose a potential threat to your business.
So, apart from PayPal invoice scams, as a business owner you also need to be on the lookout for:
Being deceived by fraudsters and scammers can have a disastrous impact on a business as it can lead to financial loss, legal challenges, loss of reputation and stakeholder trust, credit challenges, and operational changes.
Nearly 6.5 billion fraudulent emails are sent out daily and nearly all businesses, no matter their size, are targeted.
The best way to safeguard and protect your business not just from PayPal invoice scams, but also from hackers and fraudsters is Cyberlynx’s 24/7 Intrusion Detection and Response System which detects hackers trying to bypass security and kicks them out before they can get anywhere.
That’s not all! Cyberlynx also offers a range of IT, CIO, and Cybersecurity services for businesses of all sizes providing business owners with much-needed peace of mind and high-quality responsive IT services whenever needed.
To learn more give us a call at 301-798-9170 or email us at info@cyberlynx.com