Beware of Holiday Scams

According to the FBI Internet Crime Report, Americans lost over $10.2 billion to cyber-enabled fraud, including $107 million to spoofing in 2022. Even savvy people can be caught by sophisticated schemes. Don’t be a victim; here are some common types of threats you should know about.


Spoofing is when online scammers message you, posing as a trusted vendor you know. They use email, social media, texts and other messages to lure people to fake stores that steal your money, credit card details, or personal information. Don’t click on any URL that looks slightly odd.

If your business has been spoofed, warn your customers to be on the lookout. Then, ensure that they have access to your website, email and shipping information.


You may receive a message claiming your package has been delayed and you must pay a fee to have it delivered. Think before you click.

The post office and other delivery services usually leave a note in your mailbox or at your door, rather than send a message. So, unless you expect a package and are positive that you recognize the sender, delete the message. Generally, if you are surprised by messages, or receive one that does not seem right, it is probably a scam.

Keep Your Business Safe From Fraud

Sadly, fraudsters are continually looking for ways to make a quick buck at your company’s expense, so make sure you’re taking steps to protect your business from all types of threats.


Preventing fraud from the inside involves ensuring employees’ duties are adequately segregated. Make sure that more than one person has responsibility for each process. And consider requiring vacations. That will give you a chance to complete an audit in an employee’s absence to ensure everything is working as intended.


Outsiders can take control of your entire network, knocking you offline and locking you out of your files until you pay them a fee. Protect your company from cyber fraud by using secure and private internet connections. When employees travel, provide them with data hotspots, so they don’t need to rely on public internet options. And keep all software, firewalls, and antivirus software updated to prevent hacks and ransom attacks.


Protecting your office goes beyond the cybersphere. Having a secure entry system helps to keep unwanted visitors out. Consider limiting employees’ access to sensitive areas. For example, allowing only IT managers access to the server room.

Take a look at how your sensitive documents are stored. Human resources and accounting should have locking file cabinets to secure private information and, ideally, you should have locking offices for those employees.


No precaution is foolproof, and that’s why having adequate insurance is a must. Business crime, identity theft, and cyber threat insurance may prove invaluable should your company become a victim.

You may be able to secure these policies as add-ons to your general liability policy, so speak with your insurance agent to ensure you have the right coverage for your company.