This is the third article in a four-part series on business fraud. 

Part 1: How To Prepare Your Business Against Email Attacks

Part 2: How to Prepare Your Business against Malware and Ransomware 

Part 4: Coming soon

Mobile phones play a critical role in business. For most of us, they are never more than an arm’s length away. However, mobile phones provide scammers with easy access to potential victims. By calling a mobile phone and earning their target’s misplaced trust, sophisticated scammers can exact a heavy financial toll.

Unlike an email scam, mobile scams can be more challenging to detect. “The impact of a phone call can be even more deceiving than a digital interaction, since there is less visual information to identify a scam, like email signatures or malicious attachments,” says Lauren Hess, vice president of treasury sales at Wintrust.

In its annual U.S. Spam & Scam Report, Truecaller, a caller ID and call-blocking app, reported that 68.4 million Americans lost $39.5 billion in the prior 12 months due to phone scams. This is an increase of 32.5% over losses in 2021 of $29.8 billion and just over a 100% increase in losses from 2020 of $19.7 billion. Here’s an overview of common tactics scammers use and the actions you can take to protect your business.

Prepare employees to avoid mobile scams

To uncover a weak point, scammers may call everyone employed with your business, particularly those with access to your company’s bank records, such as the accounting staff and members of executive management. Therefore, anyone who carries a phone in your organization can become a scam victim. To make it easier for employees to protect your organization, provide clear and compelling rules to follow when answering calls.

For example, to prevent account takeover schemes, instruct employees never to divulge their login, password, or other identity-related information to anyone over the phone, no matter how aggressively or often they ask. “Being asked about personal information, such as credit card numbers, social security numbers, or PINs, should be a red flag,” says Hess. “Credible organizations will also never request that you withdraw money to hand over to them or transfer money to another account,” she adds.

Resist pressure tactics

Scammers often pretend to be with powerful government agencies and use terminology to scare employees into following their instructions. For example, they may claim there is a warrant for the employee’s arrest or that the company is delinquent in paying taxes and will soon be subject to a government raid of its offices. Alternatively, the caller might pretend to work with a financial institution’s fraud department and ask for an employee to provide your company’s account information to stop fraud.

No matter how intimidating or urgent the caller sounds, ensure employees feel empowered to end the call and seek additional guidance. While this will delay action, it will give your employee time to think and allow others to assess the call’s validity. And remember that government agencies and financial institutions will not use such pressure tactics to trigger an employee to act.

Don’t trust caller ID

While a caller’s phone number may match the government agency or financial institution, scammers can use technology to mask their actual number and replace it with the phone number they need to win their victim’s confidence. When attempting to verify the legitimacy of a call, instruct your employees not to return the call they just ended, even if the number appears correct. Instead, have them call the agency or institution the caller claims to work with by initiating a brand-new call.

While technology makes it easier for scammers to succeed, it can also play a role in stopping attacks. Spam blockers and caller ID apps can help identify scam calls and automatically block them. While such solutions are imperfect, they can make it much harder for a scammer to commit fraud.

Monitor the scams targeting businesses

To ensure their success, criminals continually evolve how they commit scams. Designate someone within your organization to keep track of the latest scams and serve as your company’s subject matter expert. From time to time, ask them to share examples of scams with employees along with reminders to help them avoid becoming victims. “Treasury Management Officers at your bank should have ample material on common fraud schemes and best practices to prevent fraud,” says Hess.

To meet the needs of its customers, every business must maintain multiple communication channels. However, since mobile phone scams are highly lucrative and relatively easy to commit, they will remain an ever-present threat. Teaching employees to exercise caution when answering the phone, empowering them to end suspicious calls, and installing technology to screen incoming calls can mitigate the risk without inconveniencing your employees or customers.

For more information on scams targeting your business, and measures you can take to protect it, visit our security page.