This year they’re also using the cost of living crisis and high energy prices to come up with ‘too good to be true’ offers and investment deals that are non-existent or worthless. 

Be prepared by learning some of the common ways scammers target companies and how you can help to protect your business. 

The end of the year often leads to fraudsters intensifying their approaches. Whether they target you with bogus emails, texts or telephone calls, each has one aim: to prey on anxieties around money and use a period of increased spending to capitalise by offering fake goods, services that don’t exist, or those that are simply too good to be true. 

This approach is particularly common for investment scams. Many of these fraudsters are financially knowledgeable and use credible-looking websites and reviews that are difficult to distinguish from the real thing.

Fraudsters also target businesses with purchase scams using social media, fake or cloned websites that offer goods at a heavily discounted price. However, the goods do not exist, do not match the product description, or aren’t worth the money. 

The energy crisis is also being exploited, with criminals making fake offers from well-known energy firms attempting to entice businesses into parting with your financial information and cash. 

If a buyer or seller tries to persuade you to go outside the website’s usual process or payment methods, treat with extreme caution as its likely to be a scam.

When it comes to investment scams, fraudsters often host fake comparison websites to give the impression that you found the investment yourself, meaning you’re less likely to think it’s a scam. They also know that businesses are more likely to invest with well-known firms, so they create ‘cloned firms’ and websites that look exactly like legitimate ones. Fraudsters do this in the hope that you’re less likely to perform any checks before agreeing to an investment.  

Here are two things to keep in mind before committing to any investment: 

• Use the contact details on the Financial Conduct Authority (FCA) register, not the details the firm gives you. You can search by entering its name, firm reference number (FRN) or postcode.
• Search the FCA list of unauthorised businesses to check if the company is regulated by the FCA. The FCA also publishes details of businesses believed to be involved in fraudulent activities. 

For purchase scams, fraudsters often try to place businesses under pressure to make them act quickly. They may do this by saying that their offer is “for a limited time only” or that you “must act now”. These tactics are a deliberate ploy to prevent you taking the time to research whether the offer is real. 

Be wary of requests to pay by bank transfer. If a buyer or seller tries to persuade you to go outside the website’s usual process or payment methods, treat with extreme caution as its likely to be a scam. 

To help protect yourself, carry out the following: 

• Do some research to find out what a fair price is for similar goods in the same condition. If the offer sounds too good to be true, it probably is.
• If you’re unsure, you can check online to see if there are warnings and bad reviews about the company. Don’t rely on reviews the company has on its own website as these can be faked. You can also search for a company's details on GOV.UK. This will tell you if the company is actually registered.

Also known as web skimming, digital skimming is when a scammer embeds a piece of malicious JavaScript code into the payment pages on an e-commerce website, effectively turning a legitimate website into a phishing page. It’s like a digital version of ATM fraud, where criminals fit devices to cash machines to read the card data.

Web-skimming scripts are designed to retrieve customer payment information such as card details. However, fraudsters can also target websites to steal customer details and passwords. It is considered a growing risk because fraudsters do not necessarily need cyber expertise to target a business in this way. 

As events such as Black Friday approach, businesses taking online payments are vulnerable to this type of attack. For more information, you can read our article covering digital skimming in more detail here. 

To help manage your website securely and minimise the risk of digital skimming, do the following:

• Ensure operating systems and antivirus software are updated to the latest version
• Regularly revise passwords and do not use the same one across multiple accounts.
• Back up your systems regularly and test that they restore correctly.

To find out more about common threats that could help protect your business, explore the advice and resources of the National Cyber Security Centre.