AS BUSINESS OWNERS, BE ON THE LOOKOUT FOR SCAMS
#1 SCAM: WEB HOSTING INVOICES
Connecticut state officials are warning businesses about fake invoices that claim to be from a New York City web hosting company. The invoices claim to be from “Web Host Agents” and request urgent payment to prevent the business’ website from being taken down, according to the state Department of Consumer Protection.
The Department of Consumer Protection has received several complaints. Think twice before paying an unfamiliar invoice. If you have any doubts that an invoice is legitimate, don’t provide payment or personal information. Also read the entire invoice. With this scam there is a disclaimer on the bottom that reads, “you are under no obligation to pay the amounts stated herein.” Don’t let your accounts payable person or department panic and pay the bill.
Here are ways to recognize a fake invoice:
- It comes from an unfamiliar organization or business.
- The language pressures you to act quickly or face consequences. In this case, the invoice claims that failure to renew web hosting by the due date can result in “web outages” and “loss of your online identity.”
- The amount of money you’re being asked to pay is atypical for the product or service listed on the invoice. A charge of $180 to host a website for a year is unusually high without details about additional services included in the cost.
If you believe you’re the victim of a scam, email the DCP.
#2 SCAM: CERTIFICATE OF EXISTENCE
A mailing sent to businesses recently from a company calling itself CT Certificate Service claims to be a “2019 Certificate of Existence Form.”
The mailing suggests it is part of the state’s business registration process, claiming to be the final step for obtaining a Connecticut Certificate of Existence. “A Certificate of Existence certifies that your Connecticut business is in existence, is authorized to transact business in the state and complies with all state requirements,” the mailing states. Businesses are asked to complete a form and send a check or money order for $112.50 to a West Hartford address. The mailing is contained in an envelope marked “Important—Open Immediately” and “Time Sensitive.” Recipients are asked to respond by August 2.
Secretary of State Denise Merrill and Attorney General William Tong warned the mailing is not legitimate and the company has no affiliation with the state. Merrill added that a certificate of legal existence is an optional document issued by her office for a small fee.
CT Certificate Service appears to be a fictitious name used by a company in Saint Petersburg, Florida. The mailing is similar to one this past January demanding a $110 payment for “state administration compliance.”
If you have received any of these letters, Tong’s office wants to know and can be reached by email or by calling 860.808.5318. Merrill said businesses concerned about the legitimacy of a mailing should email her office or call 860.509.6003.
#3 SCAM: CYBER BREACHES
The Internet Society’s Online Trust Alliance just released its 2018 Cyber Incident & Breach Trends Report, which says “2018–Some Better, Some Worse, All Bad.” Here are the highlights from the report.
Although the number of data breaches and exposed records decreased, and ransomware and distributed denial of service attacks were down, “the financial impact to businesses from ransomware increased by 60%, losses from business email compromise doubled, cryptojacking incidents…more than tripled”, and “there continued to be a steady stream of high-profile data breaches”.
It is estimated that ransomware will cost U.S. businesses $8 billion in 2018, growing to $20 billion in 2021. Ransomware attackers are more targeted and vicious, and asking for higher ransom amounts when successful in infiltrating a system.
Formjacking is a serious problem, increasing by 78% in 2018. Formjacking occurs when attackers “infect a website’s submission form via a third-party supplier or malicious code carried in ads and then either scrape the information or infect the user.” Symantec estimates that in 2018 about 5,000 websites a month contained formjacking code. BECs increased in 2018 to more than 20,000 incidents, resulting in $2 billion in losses, and which are expected to continue to rise.
The report ends by saying the trends will continue and that 95% of all incidents could have been prevented.
It provides an outline of trends, and tips for preparedness and readiness, and emphasizes that data security still comes down to people. It is critical that you train your staff continuously about scams and cybersecurity. If you do not have a plan or policies, please watch for our upcoming workshops on this topic.
AS ALWAYS, The Windham Region Chamber is here to help you be more successful. Every month we host a number of workshops on topics like cybersecurity for free. Please take the time to help your business by attending one of them.
Read More on WindhamChamber.com