Hackers and scammers are targeting businesses more than ever before leading to new security concerns for businesses both large and small. These new statistics prompted Better Business Bureau Northwest + Pacific to hold its first White Collar Crime & Fraud Prevention Meeting. The goal was to bring together various consumer and business protection agencies for a thought-sharing roundtable.
Roger Fitzpatrick, legal compliance assistant manager at Numerica Credit Union, told the group that his
organization has seen an uptick in business email compromise scams, bank account fraud and CEO impersonation fraud. That’s one of the reasons Numerica chose to sponsor the meeting held February 27th in Spokane.
But Numerica certainly isn’t alone. We examined the ways certain schemes target small business owners versus general consumers, and which demographics are affected by which scams. For instance, scams targeting teenagers are different than those targeting the elderly. Financial
exploitation of general consumers versus wealthy consumers also happens in different ways.
To kick things off, Charles Harwood, Northwest regional director for the Federal Trade Commission, shared these 2018 stats for Washington state:
- Top 3 Types of Fraud Reported: imposter scams; ID theft; and debt collection scams
- Top Type of ID Theft: credit card fraud (37%)
And most concerning? The loss in Washington grew to a whopping $28.3 million, compared to $17.9 million in 2017.
Throughout the Northwest, BBB has also noted an increase in CEO impersonation fraud, where a scammer sends an email to a company’s employees pretending to be the CEO requesting personally
identifiable information or for money to be transferred. Fitzpatrick stressed this type of fraud is particularly risky for small business owners because falling prey one time and transferring a large sum of money, “could easily cost the owner his/her business,” he said.
Senior Special Agent Paul Hagerdorn with the U.S. Secret Service agreed, CEO impersonation fraud is a
major issue. In one case Hagerdorn shared, an employee was emailed by the “CEO” to purchase $2,000 in gift cards. She did it. Then, she received another email request for funds. Finally, she became suspicious and simply walked across the hall to ask her real CEO, only to find out this, of course, was a scam.
Cerise Peck, crime prevention specialist at the Richland Police Department, shared information about a new twist on an old scam: credit and debit card skimming/shimming. Typically, credit cards are skimmed at ATMs or gas station pumps, but recently in Tri Cities, WA, the police department saw skimming take place at a point-of-sales (POS) system.
The method: scammers installed hardware into the card readers that many small business owners plug into their iPads or iPhones to run cards – this jammed the cards, so the reader didn’t work. Consumers were prompted to enter their PIN, which the device installed in the card reader recorded. And just like that, scammers had PIN numbers and banking information. Peck noted there were 225 reported cases in the Tri Cities and this was the first time they’d seen POS-skimming in the region.
To combat some of this, Harwood went over cybersecurity best practices for small business owners. Among the FTC’s recommendations:
- Look out for ransomware,
tech-support scams and phishing emails
- Set up vendor management
- Purchase cyber insurance
- Secure remote access to documents
and information, as well as physical access
Other attendees who provided information at the meeting included: Lyn Peters, director of communication, WA Department of Financial Institutions, Teresa Glidden, education & outreach
coordinator, WA Secretary of State Office, Rick Brito, office of fraud & accountability, WA Department Social & Health Services, and Kathleen Connolly, Postal Inspector, USPS.
The next meeting will be held in Fall 2019 in Tri Cities. Details to be announced.