Cybercriminals are always taking measures to be one step ahead of small business owners, so you need to arm yourself with as much information about the latest threats as possible. Small business owners are prone to phishing threats.
Phishing entails email, phone calls, mobile and web ads, and other means of getting people to turn over log-ins and other credentials. Phishers are always trying to improve how their fake pages and emails look so that people who accidentally open them will click links. Even the smartest and best-intentioned person can easily fall victim to a phishing scam.
Lately, small business owners have been falling prey to a business grant scam currently proliferating on Facebook.
Facebook Fake Government Grant Scam: Real vs. Fake Small Business Grants
There are real legitimate grant programs designed for small business owners through programs such as SBIR/TT (Small Business Innovation Research and Technology Transfer) that offers funding opportunities from federal agencies. State-level programs may also offer startup assistance for new business owners. You can find an exhaustive list of grants currently accepting proposals at grants.gov.
Business grant programs require that owners submit a proposal and follow guidelines: you’re never going to hear directly from these grant programs through social media just bluntly offering you money. You won’t be contacted about government grants from the agencies through a Facebook ad or a “friend” talking to you. A real-life friend could tell you about a grant program, but they won’t try the following.
The Federal Trade Commission has recently received a rash of reports that social media spoofing, Facebook messages in particular, is being used to tell small business owners about small business grants. Phishers claim that recipients won a business grant or were eligible for funding. They asked for “confirmation” for the grants which means the scammer wants your cell number and other identifying information which eventually leads to handing over your passwords or paying “application fees”. Users opened them because it looked like the messages came from Facebook friends.
You’re never going to hear directly from these grant programs if you are not an active applicant. Most people are aware of this scam and have reported it, but victims are disproportionately older small business owners who rely heavily on social traffic and are less mindful of social media spoofing.
Telltale Signs of a Phishing Attack
Phishing attacks come in many forms such as phone scams and robocalls, email fraud, and social media spoofing. Here’s what a phishing attempt looks like.
- The message is rife with syntax and spelling errors.
- You will be asked to contact a specific agency, number, or email because you “won something” or are “eligible” for a grant, bonus, or other large sum of money.
- The signature sounds like an institution that doesn’t actually link to a real website.
- Copypasta: scammers often copy and paste entire copyrights, disclaimers, logos and so on without formatting it to look like the rest of the email.
Staying on Top of Phishing Threats
Preparing yourself and keeping your employees aware of phishing threats is of utmost importance for your business, whether you need to prevent another attack or haven’t been attacked yet. Here’s what you can do:
- Use enterprise-grade email and software systems. These programs often have more safeguards in place than basic versions.
- Never open attachments in emails where you’re not 100% sure who the sender is.
- Invest in anti-phishing training. Global Learning Systems offers a comprehensive anti-phishing training course adaptable for organizations of all sizes, to help your employees stay on top of phishing threats.
Global Learning Systems can keep you one step ahead of hackers and phishers. Contact us today to learn more about how we can keep your organization secure and aware.