We use cookies to give users the best content and online experience. By clicking “Accept All Cookies”, you agree to allow us to use all cookies. Visit our Privacy Policy to learn more.

Manage Cookies
Resources for Businesses My BBB
Latest News

BBB Business Tip: Top 10 scams targeting small businesses

By Better Business Bureau. March 27, 2025.
woman with a worried look sitting at the computer

(Getty Images)

Scams can impact every business, regardless of location, size, or industry. But they are especially a problem for small businesses.  Local businesses and start-ups often don’t have the cyber security support or established accounting processes of larger companies. This can make them more vulnerable to scams.

Fortunately, knowledge is the best protection. If you own or work for a small business, stay informed about these common scams and report them if your business is targeted.

What are common small business scams?

Phishing scams. Phishing scams attempt to steal sensitive information about your business. These scams often appear to be legitimate emails or text messages. However, when you click on the link, you download a virus that captures personal information or loads a form that asks for bank account or credit card details. Be leery of unsolicited messages, and don’t click on links. Instead, hover over the link with your cursor to see the real address. Also, be sure your computer has the proper firewall and computer protection software. Read more about phishing scams.

Business Email Compromise (“BEC”). Business email compromise fraud is an email phishing scam that typically targets people who pay bills in businesses, government, and nonprofit organizations. According to the Federal Bureau of Investigations, it has resulted in more losses than any other type of fraud in the U.S. In Canada, BEC scams are among the top reported scams recorded by the Canadian Anti-Fraud Centre (CAFC). 

In BEC fraud, the scammer poses as a vendor or other trusted source who emails an accountant or chief financial officer. The email asks them to wire money, buy gift cards or send personal information, often for a plausible reason. If money is sent, it goes into an account controlled by the con artist. Learn more about BEC scams.

Ransomware attacks. Cybercriminals encrypt a company's data and demand payment for its release, with small and medium-sized businesses increasingly targeted. BBB has tips to help businesses prevent installing ransomware on their devices. Find additional tips on how your business can prevent identity theft.

Phony invoices.  Businesses receive fake invoices demanding payment for products or services never ordered or received. The most common scams involve office supplies, website or domain hosting services, and directory listings. If you look closely, you’ll often see the fine print that identifies the bill as a solicitation. Generally, the amount is small enough not initially to raise a red flag. Read more about phony invoice scams.

Tech support scams. Fraudsters pose as IT professionals, claiming to fix non-existent computer issues to gain access to systems or extract payment. BBB offers guidance on how to spot the signs of a tech support scam and what to do if you're a victim of a tech support scam. 

Stolen identity. Scammers often pretend to be legitimate companies to trick consumers. Scammers set up fake websites and “hijack” your company name and address. They may also use brand hijacking - blatant copying and misusing company logos and website content - to impersonate a business and deceive unsuspecting visitors. In this con, the company doesn’t necessarily lose money. However, their reputation is tarnished when angry customers ripped off by scammers think the real company is responsible.

Overpayment scams.  In this scam, the person you are doing business with sends you a check for more than the amount they owe you. Then, they instruct you to wire the balance back to them. Or, they send a check and tell you to deposit it, keep part of the amount for your compensation, and then wire the rest back. The results are the same: the check eventually bounces, and you’re stuck, responsible for the full amount, including what you wired to the scammer.  Read more about fake check scams.

Office supply scams.  Businesses receive an unexpected telephone call from someone claiming to represent a reputable company with which the firm often does business.  Sometimes scammers will even call in advance to find out what brand of supplies or equipment the business uses. The scam caller will try to sell the business surplus merchandise at a reduced price, citing a cancellation or over-order by another purchaser. The merchandise doesn’t exist. Don’t be fooled.

Deepfake scams. Deepfake scams are a growing threat to businesses, especially as AI technology rapidly advances. Deepfake scams involve the use of artificial intelligence to create highly realistic but entirely fake audio, video, or text content. Cybercriminals use deepfake technology to impersonate executives, employees, or business partners, tricking victims into transferring money, sharing confidential information, or making unauthorized transactions. BBB has tips on how to spot and avoid a deepfake scam. 

Charity pitches.  Most businesses are regularly asked to donate funds to charitable causes. While many requests are legitimate, small businesses become victims of fraudulent or deceptive charitable solicitation schemes every year. Research charities and see more giving tips at Give.org.

Tips to avoid small business scams

BBB offers these tips to help small businesses protect themselves:

  • Keep good records. Keep documentation of all orders and purchases. This will help you to detect bogus accounts and invoices.

  • Be extra careful with payment procedures. Establish payment authorization procedures, including a multi-person approval process for transactions above a certain dollar threshold.

  • Avoid some payment methods when possible. Wire transfers, pre-paid debit cards, and gift cards are scammers’ preferred payment methods. Always confirm that an authorized source verifies any requests for payment with untraceable methods such as these. Also, try to pay by a written company. That way, a paper trail has been created.

  • Double-check vendors. Make sure that the business billing you is a business you’re familiar with and normally do business with. If not, question it. Get the name of the person you speak with, the company name, address, phone and website. 

  • Be careful what information you share. Do not give out information about your business unless you know what the information will be used for. Never provide personal information or financial details to anyone you don’t know.

  • Protect your devices. Make sure you have proper computer protection software and a firewall. Don’t click on links inside unsolicited e-mails. They could spread malicious software or viruses.

  • Spread the word. If your employees know about the scam, they’ll be more likely to spot it. Tell your colleagues, too.

Read more about scams targeting businesses in our business scam hub! 

For more information

If a scam has targeted you, file a complaint and report the scam to BBB.org/ScamTracker. Let others in your industry know of the scheme you’ve come across.

For more great tips and tricks on improving your business, check out the BBB business news feed and the BizHQ.

BBB Serving Wisconsin contributed to this article. 

 

Still Need Assistance?

Contact Your Local BBB

Your local Better Business Bureau can assist you with finding businesses you can trust. Start With Trust®.

General Inquiries:

Additional Resources

Additional Topics