Your Guide to Combatting Business Impersonation Scams

In an era when digital connectivity is a growing part of how we navigate our finances, business impersonation scams are also on the rise. Business impersonation scams are the most reported type of financial fraud, according to the Federal Trade Commission, with consumers losing nearly $12.5 billion to fraud in 2024. 

Business impersonation scams often involve the fraudster posing as a trustworthy organization to gain access to your sensitive and/or financial information. 

How do business impersonation scams work? 

The best way to protect yourself from these scams is to understand how they happen, and to be alert when it could be happening to you. Typically, the scammer could contact you by phone, text, or email. They may pose as an employee of a company you recognize, such as a well-known technology company or your banking institution.  

If contacted by phone, the person may tell you that they are calling because they have noticed fraudulent charges to your account. They could also ask if you recognize a charge that you did not authorize. This is a tactic that is meant to incite fear from you, which could change how you make decisions. 

If contacted by text or email, the scammer will attempt to gain access to your financial information by asking you to call a certain number (that will lead to the scammer) or request that you click on a link to verify your identity. It is important to note that financial institutions will never ask for you to click on a link. 

Ways that the scammer may attempt to obtain your information. 

The goal of the scammer is to make you think that your information has been compromised already. This way, you are in a state of panic and want to immediately resolve the issue and could miss the signs of a scam. Here are a few scenarios of how a business impersonation scam could play out for a victim, so that you can recognize them if they happen to you.

1. Request remote access to your computer or personal device. If granted access by you, the fraudster may download malware that could infect your computer. In addition, this may allow them to obtain sensitive data, such as your stored passwords, personal identification information, and browser history. 
2. Ask for your online banking credentials. The fraudster may use bits and pieces of information to try to break into your online banking account. That is why it is important not to reveal your username or password to them. The scammer may also ask you to read a code sent to you from your financial institution sent via text. Often, giving this code to them will provide them with access to your online bank account. 
3. They could ask for your full credit/debit card details. This includes your full credit/debit card number, expiration date, and CVV code. 

Tips to protect yourself. 

Business impersonation scams can be easy to spot if you know what you are looking for. Here are a few ways that you can protect yourself, and your wallet. 

• If you receive an email or text request from a business, always call the business directly. Do not click on any links or call the number listed in the email or text.  

• Do not ever allow a business remote access to your computer or device. 

• Never provide your online banking credentials to anyone. 

• Read codes that are sent to your phone carefully before providing them verbally to anyone. 

• Never buy gift cards or send cryptocurrencies to anyone. No legitimate business will ever ask you to do this. 

• Do not provide your debit/credit card details to anyone. A company will not request this information if they are processing a refund. 

• If you receive an email from a business, look at the sender email address carefully. Scammers will often use a combination of letters, numbers, and names in their email address, or use a slight variation of the name of the business in the email address. 

It is also important to use your instincts. Often, if the communication you receive sounds fishy, it probably is. It is okay to do some research on the proper email address and look up the phone number of the business before responding to a phone call, email, or text. After all, that extra research time could prevent you from being swindled. 

To learn more about common fraud schemes and how you can protect yourself, follow our blog, and review this webinar for more information.