Financial Crime
Fraud attempts against YOUR business?
Fraud is a deliberate act of deception intended to secure an unfair or unlawful gain, or to deprive the target of a right or something else. Legally, fraud can be both a civil tort and a criminal offense, and it can include many different forms and shapes of deception - always evolving - such as various forms of false representation, misinformation or hiding facts, and deceitful conduct in general.
In this article we give you the must common ways that businesses become victim of fraud - and a checklist with action points to protect yourself.
10 most common frauds against a business
Fake invoices
Scammers send fake invoices for products or services never ordered or received, hoping the business will process the payment without verification.
Example: A small business receives an invoice for office supplies it never ordered. Without proper checks, the business pays, unknowingly falling victim to fraud.
Disguised "subscription"
One type of invoice fraud is where something that looks like an ordinary invoice is sent to your company – but in the fine print it says that it’s a subscription - an offer - that you sign up for by paying.
These setups also give a good example of demarcation issues between unethical and unlawful ways to conduct business. If it is sufficiently clear that this was not an invoice but you where in such a rush and your accountant assumed you wanted it paid - then chances are you will not be able to claim fraud and instead feeling that you through money down the drain.
Chargeback frauds
This is where the criminal buys something using a credit card and then dispute the credit card charge with the card issuer, claiming that he or she never received the product or that it was faulty.
Credit card fraud
Credit card fraud is one of the most popular types of identity theft and fraud. It is defined as the unauthorized use of an individual's debit or credit card to transfer money to the criminal by using the card for various transactions.
Advance payment fraud
Advance payment fraud is when a thief requires you to send money in advance for payments, products, or services but once you have paid you never see any product or service and when you seek the vendor there is no reply no matter how hard you try.
Business email compromise (BEC)
The criminal hacks or spoofs your company's email to impersonate a person within the organization or a business partner, instructing an employee at the company to make a payment.
Example: An employee receives an email appearing to be from the CFO, urgently requesting a bank transfer to a new subcontractor that needs to make expenses on your company’s behalf. Acting promptly, the employee transfers the money, only to later discover that the CFO never sent the email in the first place, and that the request was fraudulent, coming from outside of the organization.
Payroll fraud
This is one of the most problematic and common types of fraud because it can be hard to discover and constitutes a clear breach of trust.
Employees manipulate payroll systems to receive unearned compensation, such as increasing reported work hours while not having worked the stated extra hours at all. This results in the employees getting paid higher wages than actually earned.
Phishing attacks
Cybercriminals send deceptive communications, like emails or messages, to trick recipients into revealing confidential information or clicking malicious links that lead to ransomware situations in worst cases.
Example: A seller receives an email that appears to be from the company’s customer service department, prompting him to click a link and verify account details. The link leads to a fake website designed to steal login credentials.
Heath care fraud
This type of fraud can involve both patients, doctors and other medical providers. The concept is that the parties create false claims and documentation with the aim to cheat the system in order for them to receive compensation and or other benefits that they are not entitled to.
Insurance fraud:
In these cases the criminal - the individual - will stage incidents, such as fake injuries or accidents, to claim insurance compensation that it is not entitled to.
Example: A person slips and falls in a store without hurting herself, however she pretends to have gotten a bad blow to the head and claims injuries that lead to costly insurance claims against the business.
CHECKLIST
Preventative measures for you as a business owners:
Stay ontop
Fraudsters pray on trust and stressed business owners not having time to be suspicious. So even though you have more pressing matters, do look over the business in relation to exposure to fraud attempts. Take advice from a securities and a lawyer when relevant. React swiftly and don’t be too easy going assuming it wont happen to you (we all can think that way in theses situations!) - unfortunately this is what fraudsters pray upon.
Educate staff
Provide regular training on recognizing and avoiding fraud schemes, emphasizing the importance of being alert.
Internal controls
Establish checks and balances, such as the four-eyes principle, segregating duties and requiring multiple approvals for significant transactions.
Business partner due diligence
Make sure you verify customers and business partners.
Verify communications
Always confirm the legitimacy of unexpected requests for funds or sensitive information, especially those made via email.
Conduct audits
Perform routine reviews over your finance, to detect and address any suspicious activities quickly.
Secure your IT-universe Utilize established cybersecurity measures, including firewalls, MFA, antivirus software, and secure password policies.
Insurances Make sure you have proper insurances in place.
Whistleblower systems If something happens, or an attempt is identified, make sure your staff knows where to report and the importance of reporting.
Report and secure evidence Make sure you act quickly both in relation to a police report, try to secure evidence and make sure you make any insurance claim promptly.
Summary
By understanding the severe implication of fraud, and by knowing the most common fraud schemes that you could become a target of, you can take proactive steps to safeguard you business against fraudulent activities and also make sure that if something happens, you are also more ready to deal with that and to minimize the impact.
This is not legal advice it is knowledge sharing. If you seek legal advice please contact me on the email below.
London, 25 March 2025
Author: Kat Strandberg
Email: Kat@stgcommerciallaw.com
10 most common frauds against a business
Fake invoices
Scammers send fake invoices for products or services never ordered or received, hoping the business will process the payment without verification.
Example: A small business receives an invoice for office supplies it never ordered. Without proper checks, the business pays, unknowingly falling victim to fraud.
Disguised "subscription"
One type of invoice fraud is where something that looks like an ordinary invoice is sent to your company – but in the fine print it says that it’s a subscription - an offer - that you sign up for by paying.
These setups also give a good example of demarcation issues between unethical and unlawful ways to conduct business. If it is sufficiently clear that this was not an invoice but you where in such a rush and your accountant assumed you wanted it paid - then chances are you will not be able to claim fraud and instead feeling that you through money down the drain.
Chargeback frauds
This is where the criminal buys something using a credit card and then dispute the credit card charge with the card issuer, claiming that he or she never received the product or that it was faulty.
Credit card fraud
Credit card fraud is one of the most popular types of identity theft and fraud. It is defined as the unauthorized use of an individual's debit or credit card to transfer money to the criminal by using the card for various transactions.
Advance payment fraud
Advance payment fraud is when a thief requires you to send money in advance for payments, products, or services but once you have paid you never see any product or service and when you seek the vendor there is no reply no matter how hard you try.
Business email compromise (BEC)
The criminal hacks or spoofs your company's email to impersonate a person within the organization or a business partner, instructing an employee at the company to make a payment.
Example: An employee receives an email appearing to be from the CFO, urgently requesting a bank transfer to a new subcontractor that needs to make expenses on your company’s behalf. Acting promptly, the employee transfers the money, only to later discover that the CFO never sent the email in the first place, and that the request was fraudulent, coming from outside of the organization.
Payroll fraud
This is one of the most problematic and common types of fraud because it can be hard to discover and constitutes a clear breach of trust.
Employees manipulate payroll systems to receive unearned compensation, such as increasing reported work hours while not having worked the stated extra hours at all. This results in the employees getting paid higher wages than actually earned.
Phishing attacks
Cybercriminals send deceptive communications, like emails or messages, to trick recipients into revealing confidential information or clicking malicious links that lead to ransomware situations in worst cases.
Example: A seller receives an email that appears to be from the company’s customer service department, prompting him to click a link and verify account details. The link leads to a fake website designed to steal login credentials.
Heath care fraud
This type of fraud can involve both patients, doctors and other medical providers. The concept is that the parties create false claims and documentation with the aim to cheat the system in order for them to receive compensation and or other benefits that they are not entitled to.
Insurance fraud:
In these cases the criminal - the individual - will stage incidents, such as fake injuries or accidents, to claim insurance compensation that it is not entitled to.
Example: A person slips and falls in a store without hurting herself, however she pretends to have gotten a bad blow to the head and claims injuries that lead to costly insurance claims against the business.
CHECKLIST
Preventative measures for you as a business owners:
Stay ontop
Fraudsters pray on trust and stressed business owners not having time to be suspicious. So even though you have more pressing matters, do look over the business in relation to exposure to fraud attempts. Take advice from a securities and a lawyer when relevant. React swiftly and don’t be too easy going assuming it wont happen to you (we all can think that way in theses situations!) - unfortunately this is what fraudsters pray upon.
Educate staff
Provide regular training on recognizing and avoiding fraud schemes, emphasizing the importance of being alert.
Internal controls
Establish checks and balances, such as the four-eyes principle, segregating duties and requiring multiple approvals for significant transactions.
Business partner due diligence
Make sure you verify customers and business partners.
Verify communications
Always confirm the legitimacy of unexpected requests for funds or sensitive information, especially those made via email.
Conduct audits
Perform routine reviews over your finance, to detect and address any suspicious activities quickly.
Secure your IT-universe Utilize established cybersecurity measures, including firewalls, MFA, antivirus software, and secure password policies.
Insurances Make sure you have proper insurances in place.
Whistleblower systems If something happens, or an attempt is identified, make sure your staff knows where to report and the importance of reporting.
Report and secure evidence Make sure you act quickly both in relation to a police report, try to secure evidence and make sure you make any insurance claim promptly.
Summary
By understanding the severe implication of fraud, and by knowing the most common fraud schemes that you could become a target of, you can take proactive steps to safeguard you business against fraudulent activities and also make sure that if something happens, you are also more ready to deal with that and to minimize the impact.
This is not legal advice it is knowledge sharing. If you seek legal advice please contact me on the email below.
London, 25 March 2025
Author: Kat Strandberg
Email: Kat@stgcommerciallaw.com