6 simple steps to scam a business


There are many ways that business owners get tricked by criminals in order to steal money from them. They create email messages which have a sender’s address that is misleading with an intention of having the recipient read it and maybe take actions that are in line with the email’s contents. It is easy to get scammed if you have a business through the following steps by criminals;

  1. These criminals will create an invoice that is fake in pretense of being a local company who need payments. The invoice will have the bank details of this company that needs the payments.
  2. Have the email address and the name of the owner of the business that is going to be your victim.
  3. Have the email address and name of the person who is responsible for bills payment in this business.
  4. Spoof an email to the one who pays bill for this specific company so that he or she thinks that the owner of the business is sending it to him.
  5. Type;

Hi <name of the person who pays>

Pay this invoice for me via BACS as soon as possible


<First name of the business owner>

  1. Wait for the payments to be made in your account.


The following are the ways that one can protect himself or a company from being spoofed;

  1. By using the spam filters. Almost all email services have junk boxes and spam filters so that if anything goes to the junk mail then you can not only unblock it but also you can investigate where it is coming from even if it is looking as if it comes from someone that you know.
  2. Do not download any link that has an attachment that is not familiar. Most of the major companies have a policy in place that if you want to click in their site for a link, then they will have a way of identifying you like including your name or at least the last four digits of your account number. There is no institution or bank that can send you an email that says “Your account has been compromised, click here to validate.” They can only tell you, “Dear Jane, we believe your account has been compromised, please call us at xxxxx.”
  3. Always read the email message headers and click IP addresses and domain names. When you float the mouse over an email address, what pops up should be the same as what you are floating over.