Common Business Scams and How You Can Protect Yourself

February 12, 2018

You have enough on your plate running your business without constantly being vigilant for email scams, phony invoices and other fraud attempts. Recently, the Better Business Bureau released a warning about a common scam that has been on the rise— The Directory Scam (or “Yellow Pages scams”).

Here’s what to look out for, along with other commonly used scams and how to prevent fraud from hitting your business.

DQmVfJMhuveC54W7h3pqqtMkwabbAvndSnVXra43cXr3nS2

Directory Scams – The scammer calls the business claiming they just want to update company’s entry in an online directory or “Yellow Pages.” The business is later billed hundreds of dollars for listing services they didn’t agree to or for ads which they thought would be in the actual Yellow Pages. They are often looking for the employee to say “yes” so they can go back and edit the recording, making it sound like you said “yes” to advertising.

Business Email Compromise (BEC) – Scammers typically involve phony or “spoofed” emails that appear to be from high-ranking company officials that instruct employees to wire large amounts of cash or provide sensitive information such as W-2 wage and tax statements. Thieves use publicly available information to research the targeted organization, tailoring the spoofed or faked email to make it appear that it came from a company executive.

Merchant Services Scams – The caller will identify themselves as a “Merchant Services” provider and claim that you are being overcharged. The caller will insist they are just trying to help but before you know it, they have converted you to their system, including a HUGE termination fee within their contract. Always contact OMEGA first. OMEGA has your information and your statements—these calls are unethically taking advantage of you!

Office Supply Scams – Every year the BBB receives thousands of complaints from small business owners who were deceived by office supply companies who billed them for products like toner or paper that they didn’t order.

Vanity Awards – Not all awards are on the up and up. Some are just money-making schemes and have no actual merit. Research all business or leadership award opportunities, and be wary if you’re asked to pay money.

Stolen Identity – In this case, your business reputation could be tarnished if customers are ripped off by scammers and think that you are actually responsible.

Phishing Scams – Hackers will attempt to gain access of your computer or network not with a rod and reel but with emails that look like they are from a trustworthy company. Common examples include emails pretending to be from the IRS, BBB or government agency. If you receive a suspicious email, DO NOT click on any links or open any attachments. Contact the agency directly to confirm the legitimacy of the email.

Fax Back Scams – Businesses will receive an unsolicited fax, usually offering great deal on a product or a trip. They often require that you send a fax back or call a toll-free number. Be careful. The high costs when you reply are often not disclosed, and you can be charged several dollars if you fax back.

Other common scams could be in the form of phony invoices, charity pitches, coupon books, and business opportunities. Knowing what scams are out there is the number one way to protect yourself from fraud happening to you. Contact us for more information on keeping your company safe.


Data Security Fast Facts

February 9, 2018
Key statistics from the 2017 Thales Data Threat Report, Retail Edition.
Data Security Fast FactsAccess the entire report here:

BBB Warns of Email Scams This Tax Season

January 17, 2018

The Better Business Bureau (BBB) is advising businesses and organizations to be aware of Business Email Compromise (BEC) scams that have stolen sensitive employee and resulted in losses of millions of dollars. BEC scams typically involve phony of “spoofed” emails that appear to be from high-ranking company officials that instruct employees to wire large amounts or cash or provide sensitive information such as W-2 wage and tax statements. Thieves use publicly available information to research the targeted organization, tailoring the spoofed or faked email to make it appear that it came from a company executive.

Here are some tips that can help companies and organizations protect themselves from BEC scams:

  • Institute employee fraud-awareness training, including instructions on how to carefully scrutinize email requests and email logs.
  • Implement a policy to require confirmations for all fund transfer requests.
  • Create a solid business continuity plan in the event of a BEC scam.

If you fall victim to such a scam, contact your local FBI office as soon as possible. In addition, contact your financial institution if there has been a wire transfer scheme and the IRS if the event tax information has been compromised.

Scam alert


Vulnerability Scanning vs. Pen-Testing

January 17, 2018

How does a Penetration test Differ from a Vulnerability Scan? The difference between penetration testing and vulnerability scanning, as required by PCI DSS security standards, still causes confusion within the payments industry. Here’s a look at the differences.

Vulnerability Scanning: Fully automated process that identifies potential security gaps used by hackers to attack systems.

Penetration Testing (Pen-Testing): In-depth, manual tests performed by IT security professionals using the same techniques that hackers use. Pen-Testing mimics real-world system attacks and is an advanced security testing technique that must be conducted annually and after any major changes to the computing environment.

Vulnerability scan vs pen testing


Arm Your Business Against Cyber Attacks

January 10, 2018

One in five small businesses falls victim to cybercrime every year, and approximately 60 percent of those go out business within six months after an attack. In an effort to curb cyber attacks, stringent scanning and testing requirements have been mandated for merchants who use the internet when processing credit cards. OMEGA’s Cyber-Attack Readiness Program identifies vulnerabilities in your business’s systems, fulfills security requirements and reduces data breach risk.

PROGRAM COMPONENTS

  • Vulnerability Scanning: Fully automated process that identifies potential security gaps used by hackers to attack systems.
  • Penetration Testing (Pen-Testing): In-depth, manual tests performed by IT security professionals using the same techniques that hackers use.
  • PAN Scanning: Scanning for Primary Account Numbers (PAN or credit card numbers) that helps ensure sensitive data is not inadvertently stored within a merchant’s systems.

OMEGA’s vulnerability scanning, Pen-Testing and PAN scanning identify system vulnerabilities nearly 100 percent of the time. It’s simple to start the process with our automated Cyber-Attack Readiness Tool, which is backed by the strength of our testing engine and security engineers.

Interested in learning more about how our Cyber-Attack Readiness Program can help protect your business from the growing wave of cyber-crime? Contact OMEGA Processing Solutions at 866.888.9724 Ext. 7 for a consultation.

cybercrime


Data Breach? We Got Your Back.

January 3, 2018

OMEGA Processing’s Data Incident Management Program is a comprehensive suite of services that provides expert assistance to merchants in the event of a data loss incident. This program is included in OMEGA’s PCI compliance program for our merchants.

DIMP program image

Here’s an overview of each of the program’s components.

DATA INCIDENT FORENSIC SERVICES: A full forensic investigation, review and incident report will be conducted by a nationally recognized investigative firm if required by any regulatory agency. ($12,000 value)

DATA INCIDENT NOTIFICATION SERVICES: A legal team specializing in privacy matters will analyze the situation and initiate any necessary federal, state and local authority notification process. ($12,000 value)

LEGAL SERVICES: Affected merchants will be provided up to $10,000 in legal services from a nationally recognized law firm specializing in data loss and compromise situations. ($10,000 value)

DATA INCIDENT PUBLIC RELATIONS MANAGEMENT: A national-caliber PR firm will create internal and external messaging and communications regarding the data incident. ($12,000 value)

EQUIPMENT REPLACEMENT: If advised or required, new processing equipment or software will be delivered directly to the merchant. ($1,500 value)

CONSUMER NOTIFICATION SERVICES: If necessary, a notification message will be developed and distributed to your customers or donors, using your mailing list. ($12,000 value)

 


How Does OMEGA Protect Your Customers’ Card Data?

December 27, 2017

Businesses can lose up to 40 percent of their customers following a data breach. Do you know how OMEGA’s Data Security Solutions are protecting your business?

Ensuring your business has the best compliance, security, reporting, and protection solutions is a top priority at OMEGA Processing. We protect our merchants and their customers with a comprehensive data protection program containing compliance, security, reporting and protection solutions.

PCI ToolKit—This interactive security questionnaire system guides merchants in completing their Self-Assessment Questionnaire (SAQ) and achieving PCI Compliance.

Data Incident Management Program—A comprehensive suite of services that provide expert assistance if a breach should occur. Program components include:

  • Data Incident Forensic Services
  • Legal Services
  • Data Incident Public Relations Management
  • Equipment Replacement
  • Data Incident Notification Services
  • Consumer Notification Services

Vulnerability Scanning—An automatic quarterly scan of your systems can pinpoint potential vulnerable points of entry and detect cardholder data theft before the breach occurs.

Breach Insurance—Up to $100,000 in insurance protection should your business experience a breach of card/cardholder data.

In an effort to curb cyber attacks, OMEGA also provides Penetration Testing and PAN scanning services when required.

PCI compliance is essential to the well being of your business—let OMEGA help keep you protected.

pci