Your account has been closed! (and other messages to simply ignore)

You may have noticed that the fraudsters who frolic on the internet have been getting much better at tricking even savvy users.  One such display of their skills has been to fool email users that they are getting a serious email – one that demands immediate reply – from their bank.  Or their credit card company. Or the CRA. Or….well, the list keeps growing.

“So what’s new?” you might ask. “I’ve been getting shyster emails from the dark side since I’ve had email, and I’m on to them.  No worries.”

Well, I wish it were so.  The difference over the past while has been in the sophistication the crooks use to garner your attention.  In the past you would receive an email from your ‘bank’, but the subject line would give it away as not being from your bank at all.  The crooksters weren’t very good with language, period.  They would put something in the subject line like, “Call you Bank – account be closed!!!!”  You would smile since you had just been to your bank, all was working well, and the note came in several hours before your bank visit.  You would cringe to think someone believing himself to be a sophisticate would send an email with poor grammar, one ending in four exclamation marks.

Lately, many of the up and coming young fraudsters have taken classes in the language they want to use.  Their subject lines have become better, more believable.  What is most troublesome is they have gotten very good at having you believe their note really is from your bank, the RCMP or the Canada Revenue Agency.  They replicate a bank’s web site page, or use a very close approximation.  If you’re not careful, and are in a rush, you may just click on “your account” to “fix” the glitch your “bank” has been so eager to bring to your attention.  And then it’s over.  Money starts seeping out of your account, and your data is compromised.

The best way to avoid falling for the scenario above is to develop a rather cantankerous attitude towards everything ‘web’.  Don’t feel compelled to be kind to a stranger.  If your bank is sending you an update, don’t feel the need to respond right away.  If anything – and I mean anything – is sent to you that a curious, or even half-suspicious, mind might in any way think is not absolutely kosher, trash it.  Even if it is an email threatening a tax bill.  Even if it is from your bank warning you your account’s about to be shut down.  Even if it is your mother claiming that if you do not click on her birthday card RIGHT NOW, she will disown you.  Better to have the taxman, your banker and your mom mad at you than find yourself without funds or a business to fall back on.

___________________________

Nathan Mean completed his undergrad and law degrees at Dalhousie University. He loves to help CFIB counsellors ensure small businesses succeed in his role as Director, Business Resources at the Canadian Federation of Independent Business. Over the course of his 16 years at CFIB, Nathan has helped hundreds of members overcome unfathomable regulations and government-imposed expenses, solve issues that relate to day-to-day operations and, most recently, hosted webinars for CFIB members and the small business community on important business issues.


Top 10 Lessons from Fraud Prevention Month

fraud_logo_colorFraud Prevention Month has come to an end for another year. The awareness-raising initiative is formally over but there’s no better time than always to keep the momentum going so your small business remains fraud-free.

If you had a chance to visit the My StartUp blog during March, you’re already aware that we unveiled a wealth of insight, tips, and research on fraud prevention. To officially wrap up our fraud prevention efforts, we’re counting the top 10 lessons from Fraud Prevention Month.

  1. Fraud takes a toll on small businesses, with the average cost in the past year amounting to $6,200 per business.
  2. About one in five small businesses in Canada suffers a financial hit from fraud.
  3. The non-financial effect of being victimized by fraud (e.g., stress, lost time) can be worse than the financial aspects.
  4. Small businesses spent an average of $2,900 in the last year on fraud prevention.
  5. About 44% of all small businesses don’t report fraud, thinking that it will be too time-consuming, or that law enforcement won’t be of much help.
  6. The three most common scams to hit small businesses are: bogus payments, email scams, and phishing scams.
  7. Many fraudsters use the Canada Revenue Agency (CRA) as cover to try to extract personal information from businesses, so be careful during tax season and confirm that it really is the CRA you’re dealing with.
  8. Fraud prevention starts at your place of business: your employees are your best assets when it comes to spotting fraud: this downloadable poster can help them be on the lookout for credit card fraud.
  9. Reporting fraud helps authorities track the problem and also develop better enforcement policies: contact the Canadian Anti-Fraud Centre, the Competition Bureau or your CFIB business counsellor.
  10. The more you know how scams work, the better you’ll be at stopping them in their tracks. My StartUp’s series of blogs on fraud prevention are straight from the front lines, so pay close attention to the details and don’t be fooled!

Finally, when in doubt, always remember the tried and true advice you’ve been hearing since childhood: if it sounds too good to be true, then it probably is.


Who is that mystery caller? A primer on telephone scams

We’ve all experienced it at one time or another: the phone rings and the voice on the other end of the line tells you that you’ve won a lottery you didn’t even play. That should be your first clue that something is amiss.

To recognize Fraud Prevention Month, My StartUp brings you a series of blogs throughout the month of March written by Business Counsellors from the Canadian Federation of Independent Business (CFIB). They field hundreds of calls every year from small businesses that have experienced an attempt to defraud them. They’ve heard all the scams and they know what to look for.

Today’s edition offers a few helpful reminders to protect your business from falling for a bogus scheme over the phone.

__________________________________________________

One of the most valuable resources you have as a small business owner is time. Your day includes finding new market opportunities, monitoring your sales, and keeping an eye on business operations, while staying in compliance with regulations. It is fair to say you don’t have the luxury to waste time.

ss_auto_mechanic_93522841_jpgPeriodically, you may receive a “friendly” phone call suggesting you’re not in compliance with xyz. Often these types of phone calls do not end without the individual over the phone extracting a promise of action (you want more information, you set up an appointment etc.).  You may have walked blindly into an “over-the-phone scam”.

How do you prevent this from happening?

  • Never feel pressured by any company to purchase or obtain further information on the spot.
  • While the government creates many new rules and regulations, in my experience they do not call business owners to inform them of any changes – make sure you are, in fact, speaking with a government agent.
  • You should feel comfortable and confident to inform a caller that you will check with your industry association to get further details (CFIB members can call a Business Resource Counsellor for advice)
  • Never feel you need to provide your personal contact information, business address or credit card information.
  • If you are given a price or a cost of compliance, you may want to shop around to see if there are any other resources that provide the same content at an affordable price (or even free).

Often these callers get aggressive, continuing to phone you constantly.  REMEMBER: many great small businesses are out there just like you, hoping to make the right connections to grow! However, if you feel these are not those types of calls, you can always reach out to:

As always, you have the option to search online for the organization’s website: look for details such as a logo – if it is false “government” look-a-like website, Google the organization’s name and see if any other businesses/people have made complaints about similar concerns.

fraud_logo_colorWhen in doubt, don’t forget you can simply say thanks but no thanks and hang up the phone.

__________________________________________________

CesarCesar Gomez Garcia has been with the Canadian Federation of Independent Business for six years. His current role at the CFIB is helping its members, who are small business owners, with questions about compliance. These questions cover such areas as Employment Standards, Health and Safety, as well as complicated red tape situations that small businesses face. His passions are reading and writing about entrepreneurship. Learn more about Cesar by clicking here.

Cesar Gomez, CFIB Business Counsellor
@josuegomezg
LinkedIn.com/in/josuegomez


Fighting Gift Card Fraud

Gift-cardGift cards are a $128-billion-dollar industry so it’s no wonder that many small and medium businesses are keen to offer them in their stores. But doing so opens up opportunities for fraudsters with scams that leave customers and business owners in the lurch.

Thankfully, there are ways you can limit gift card fraud to protect your business and your customers.

How Gift Card Fraud Happens

The point of sale (POS) is where most scams with gift cards occur, as limited supervision provides the opportunity for employees to abuse trust. Tactics range from swapping a customer’s partially used card with inactivated (i.e. zero balance) cards, to activating cards and then shutting down the register before tendering the transaction.

But it doesn’t stop there. Fraudsters are also using stolen credit cards to buy gift cards in-store, which they then sell for cash, essentially laundering money through your business. Similarly, counterfeit and fraudulent cards are being sold on auction websites.

Worst of all, fraudsters will take pictures of the codes of cards found on in-store displays. They’ll then constantly check the balances of those cards to find out when they have been bought and activated – once that happens they’ll spend the money before the customer can.

How to Fight Back Against Fraudsters

Thankfully, there are some simple tactics you can use to fight gift card fraud. Here are a few of the most important ones:

  1. Control in-store displays: if your store has an in-store gift card display, it’s crucial to ensure that it is safely behind a counter and that codes can’t be viewed and copied.
  2. Staff training: you should train your staff about gift card fraud, so they can be on the look-out for potential fraudsters. They are your first line of defence!
  3. POS surveillance: cameras behind the cash register are unfortunately essential – even if you trust your employees like family it’s good to have insurance.
  4. E-gift cards: e-gift cards close down many of the avenues that fraudsters might use to rip off small businesses. Online authentication and the fact that there are no physical cards to copy can make e-gift cards more secure.

When you’re a small business owner your passion for your product drives you, so when someone defrauds you, it’s personal. Make sure you protect your company and your customers from gift card fraud.

AnyCard-logoAnyCard helps small businesses take their share of the $128-billion-dollar gift card market which is currently dominated by big-box retail and franchises. Our online platform is the easiest and most affordable way to sell e-gift cards – sign up today and you can sell your first e-gift card in just fifteen minutes with no up-front fees or monthly overhead.

The AnyCard platform is secure, easy to use and designed for small business.

In honor of My StartUp’s “Fraud Prevention Month,” enjoy three months of free delivery and handling fees when you sign up your small business with AnyCard before April 15, 2016.


Internal Fraud – when good employees go bad

My StartUp is shining a spotlight on scams this month, showing you how your small business can avoid being taken in by unscrupulous types who would take advantage of your hard work.

Fraud Prevention Month runs throughout March. In this installment of our series of blogs on fraud, a CFIB Business Counsellor highlights how a business can experience fraud from the inside through the actions of an employee.

__________________________________________________

What is internal fraud?

Internal fraud, also known as occupational or workplace fraud, is fraud committed by an employee. It can lead to financial losses, legal issues, damage to a business’s reputation, and low employee morale.

ss_timesheet_55333474_jpgWhat does it look like?

It could be money missing from the till or merchandise missing from the shelves. It could be employees lying on their timesheet, taking a sick day to work another job, making expense claims that are higher than the actual amount, or making payments to themselves.

Why would my employee commit fraud?

Not all fraud is intentional – everyone makes mistakes – but when it is, it’s usually because an employee feels unhappy in their job. Perhaps they were passed over for a promotion or pay raise, or maybe they feel as though their efforts are not noticed.

What can I do?

Use pre-employment checks to confirm a potential employee’s employment history and request copies of education transcripts – this will help verify their honesty. Create an anti-fraud policy and explain fraud_logo_colorclearly to your employees why you have it and why you’ve chosen the disciplinary routes indicated. Set clear expectations for your employees, and let them know when they’re doing a good job. An employee who feels appreciated is less likely to commit fraud.

__________________________________________________

Emma-2
Emma Speagell is a bilingual CFIB Business Counsellor in the Atlantic Region.


What to do when you don’t have time to investigate employee theft in your business

It’s an unfortunate reality of the retail world: certain employees turn out to be less than trustworthy.

To ease the process of investigating an employee gone rogue and thus curb internal thefts and frauds, My StartUp brings you some key preventative insights from Solink, a cloud-based security and loss prevention firm.

______________________________________

solink-As the owner, you know your business inside out, including where you’re most vulnerable to internal theft. You’ve identified which products are most at risk and the common ways employees may tamper with the cash register. But knowing what to look for is only half the battle. Often, the real challenge is finding enough time to properly investigate and collect the evidence required to confirm your suspicions.

If you find yourself frustrated by how long it takes to investigate internal theft, it’s worth reviewing your current process to find bottlenecks that might be slowing you down. Luckily, there are technologies and best practices you can follow in order to increase your investigative capacity. The three recommendations listed below have helped businesses both large and small significantly improve their process.

Point-of-Sale Integration
After finding a suspicious transaction in your point-of-sale records, the next logical step is to check the surveillance footage. Typically, this means writing down a time and date and reviewing video footage until you spot the transaction you’re looking for. Repeat this for each suspicious transaction in your business and you’re looking at an all-nighter at the office.

The solution to this tedious process is Point-of-Sale integration with your surveillance video. It can be as simple as having text overlay on your video footage (most modern DVRs have text overlay as a standard feature) or using a more advanced option, such as software that allows you to search your footage based on transactions and other events. In both cases, the ability to review surveillance video and transactions at the same time is a huge time-saver.

Exception-Based Reporting
The majority of losses in a retail environment occur at the point of sale (POS). But it’s nearly impossible to manually sift through every transaction to spot errors and suspicious activities. Exception-based reporting systems allow you to automatically monitor POS activity for exceptions and trends, such as frequent voids by the same employee. It’s an efficient way to keep track of what employees are doing at the cash registers without having to manually review every transaction. Combine this with POS integration and you’ve automated most of the legwork of investigations.

Cloud-Based Security System
A significant advantage of cloud-based over on-premise security systems is that they allow you to access remotely your video and other in-store data. In other words, you don’t have to be at the store location to check the surveillance footage. This is especially useful for multi-unit owners since it centralizes all your data into one web application that you can access from anywhere.

Whether you choose to invest in one or all three of these recommendations, you’ll be far better equipped to manage employee theft in your business.

______________________________________

Solink is a cloud-based security and loss prevention system that helps businesses to proactively reduce theft. Solink is based in Ottawa, Canada, with deployments worldwide.

http://solinkcorp.com/


Protecting your business from a bad contract

For Fraud Prevention Month, My StartUp is giving you expert advice and insight from the front lines of fraud prevention, with a series of blogs written by CFIB Business Counsellors who are all-too-familiar with the types of fraud that affect small businesses. They hear about the scams from concerned businesses virtually every day.

Today’s blog covers unfair contracts and some of the high-pressure sales tactics that lead to them.

You shouldn’t have to be a Harvard Law School grad to make sense of a contract related to processing payments at your small business. Yet some of these contracts can leave you vulnerable to unexpected charges on what you thought was a great deal.

Don’t get stuck paying more than you should to take payments at your business.

__________________________________________________

MP900431293_JPGOne of the most common calls that I receive from CFIB member businesses is about credit processing contracts and their sales techniques. Sales agents often use high-pressure sales techniques and provide misleading information just to get you to sign the contract.

Be on the lookout for some of the questionable techniques sales agents will use:

  • Saying their company is recommended by CFIB (even though it is not).
  • Saying you are being offered a lower rate, until you are locked into the contract and then you realize you are involved with multiple companies and the rate only applied to one.
  • Claiming that your business can cancel at any time for no added cost, but when you try to cancel, there are added fees and complications.
  • Asking you to send your current processing statements so they can ensure you get the best deal.

Unfortunately, many of these deals are simply too good to be true. The sales agents will say almost anything in order to get you to sign the contract. Usually the phone number the sales agent leaves behind ends up not being in service by the time you really need the help or when you try to verify the terms of the offer made to your company.

Consider five tips to avoid these types of scams:

  1. Call CFIB: we can verify a lot of the information and help you get all the facts.
  2. Never give out your company’s statements. These are private documents with a lot of sensitive information.
  3. Always read your contract line by line to the end, and make sure you read the fine print.
  4. Get a lawyer to review the contract. While you may think it costs too much money to consult a lawyer, remember that if you sign a bad contract, it could lead to even more time and money spent fighting to resolve the situation.
  5. Watch this handy video on things to consider when you’re choosing a payment processor.

CFIB has a wealth of information on how to protect your business from getting locked into a bad contact.

When in doubt, always remember that CFIB’s Business Counsellors are here to help you should you have any questions regarding card processors, or fraud_logo_colorany other fraud-related issues.

__________________________________________________

Elaine1Elaine Lockwood has been a Business Resource Counsellor with the CFIB since July 2015. Elaine graduated from the University of Regina with a business degree, majoring in Human Resources. Elaine notes that the best part about her job at CFIB is helping the organization’s dedicated members each and every day.


Fraud prevention tips from the RCMP and CFIB

Check out these authoritative fraud prevention tips, straight from a trusted source on the subject: the Mounties.

In collaboration with the Royal Canadian Mounted Police, CFIB is pleased to present two insightful videos that can help your small business prevent credit card scams and telephone scams.

Cpl. Chantal Roger explains.

Learn more: How to tell if it’s really the Canada Revenue Agency (CRA) calling

Learn more: Protecting online retailers from card-not-present fraud


Bad Passwords. Let’s hope your password didn’t make THIS list

We’re half-way through Fraud Prevention Month and the Competition Bureau of Canada is encouraging Canadians to update their passwords to protect their information with Change Your Password Day.

Password-protecting your computer, email and various accounts is one of the smartest and simplest ways you can safeguard your personal and business information.

__________________________________________________

Your password is only as strong and effective as you make it. Too difficult and it might be hard to remember, but too easy and you leave yourself vulnerable to theft.

Here are some overly common passwords you definitely want to avoid:

The worst passwords of 2015 (per SplashData)

123456
password
12345678
Qwerty
12345
123456789
football
1234
1234567
locksbaseball

You can strengthen passwords by making them longer, substituting letters for symbols (like using “$” instead of “S”) and avoiding using the same password for different accounts.

The Better Business Bureau (BBB) recommends creating a password of at least 12 characters and a combination of upper and lower case letters, numbers and symbols.

Remember to avoid things that are too obvious, like birthdays, family or pet names, or common words!


Free Fraud Prevention Poster for Your Business

Visa Canada visited CFIB’s My StartUp blog this week to help small business owners prevent card-not-present fraud. Despite the fact that less than 1% of credit cards are compromised, this is still a crucial topic for Fraud Prevention Month, since credit card fraud is one of the most common types of fraud in the retail business.

fraud2016_poster_enA big part of preventing credit card fraud is knowing what to look for and training your staff on the hallmarks of this type of fraud. That is why the Canadian Federation of Independent Business (CFIB) has created a free downloadable poster for you to hang in your place of business. It contains tips and info that will help orient your employees to help you prevent credit card fraud.

You can download the poster on CFIB’s fraud prevention web page in 8.5 x 11 or 11 x17 formats.

And please keep coming back to CFIB’s My StartUp blog for more great tips and info throughout the month of March. Our Business Counsellors answer about 30,000 calls from small business owners each year on virtually any business topic, issue or question that matters to you. Many of the calls our counsellors receive are fraud-related and throughout the month we will share their stories and tips to help you fight fraud.