Scam alert: is a fraudster taking your company's payments? Email
Written by Colorado Green NOW   
Tuesday, December 22, 2020 05:00 AM

Colorado Green Now

Landscape company owners should be aware of scams and online threats to their business and their clients. In 2020, as more business is conducted online and consumers are using online ordering and payment for the first time for many services, cybersecurity is more critical than ever. Scammers have become increasingly sophisticated, leaving even savvy internet users vulnerable. 

Recently, an ALCC member contacted a customer about a past due invoice. When the client forwarded an email confirming “payment,” they discovered that the customer’s account had been hacked. Scammers recognized an opportunity and sent an email that appeared to be from the landscape company, requesting payment to the fraudulent bank account. Another ALCC member company had a similar case of fraud committed against them last year. 

In another incident, a landscape company email account was compromised and spoofed. Emails sent to the account’s contacts included not just the name and email address of the landscape company employee but also the company logo. Some recipients who have regular contact with the company inadvertently clicked on the email attachment and were in turn compromised.  

Each of these incidents, regardless of whether the company had a role in the scam or created the vulnerability, can hurt the company reputation or create bad will between the company and clients or colleagues. Data security and privacy are important topics, and business connections want to know that your communications and your data—and in turn, their data—are secure. Hiring an IT firm is an option to help increase security can be valuable in preventing a breach.  

To protect clients and colleagues, it may be helpful to post on a company website and in contracts and emails some language noting the payment methods offered. Inform clients that your company will never ask for a wire transfer and that they should contact your company if they receive such a request. 

Some other good advice for online security:  

  • Do not wire money to anyone on the advice of an email. Most businesses will not request payment this way.  
    • Before you send a wire or bank-to-bank payment, use the phone. Call the business to confirm the details and verify payment information.  
  • Do not call the number included with a payment request without first verifying that it is the correct number for the business. Scammers will sometimes provide a fraudulent phone number with the request. Call the number you have on file or look up the company number online. 
    • If you are not expecting an attachment from a sender, do not click on it.  
    • Look closely at the email address and sender name. Do they both match previous emails? Sometimes a misspelled name can be the clue to delete an email. 
    • Create a new email to the sender—do not press reply on the suspicious email. Ask them to verify that the email and attachment were sent on purpose. 
    • Pick up the phone. Give the sender a call and verify that they sent you the attachment. It may help make them aware that they’ve been hacked. At the least, you’ll have a good opportunity to connect with a vendor or client. 

Read more in this issue of Colorado Green NOW:
ProGreen EXPO becomes the ProGreen EXPERIENCE
Two tips for a great start to 2021
2020 SLM Colorado wrap-up
ALCC announces 2021 board of directors