5 Scams Small Business Owners Need to Look Out For

Internet scammers love to target small business owners because many lack the technical experience to defend against their schemes. Keep your customers, your bank account, and your business safe by arming yourself with knowledge of some of the most common scams. 

As nice as it would be to go through life believing people have the best intentions, there are a lot of people dedicated to stealing your money. The Internet has seen a lot of advances in the past twenty years, and, unfortunately, the scammers have adapted.

If you own a small business, you are directly in the crosshairs of the following scams. Don’t take the bait!

1. Fake Google Representatives

If you own a small business, you’ve probably received daily robocalls “from Google.” The trouble is, these calls are not really coming from Google.

If you don’t hang up immediately, you’ll be given an option to speak with a representative about fixing your Google My Business Listing. These “representatives” work in a crowded boiler room sort of business, and they are trying to squeeze money and personal information out of you.

Sometimes, these sketchy companies will gain access to your small business’s Google listing, change your information to be inaccurate, and then call you back pretending to be an internet marketing company that can fix the information that they messed up – for a price.

2018 03 23 Fake Google Rep

Google has dedicated a page to these scam telemarketing calls. Remember, Google doesn’t place robocalls or ask for your personal information. They do not have an outbound call center. Google has a support line, but they are dedicated to troubleshooting problems, and not trying to sell you things.


If your phone is ringing off the hook and it seems like “Google” is calling you every day, consider notifying the National Do Not Call Registry.

Optimizing your Google My Business listing is a crucial part of your business’ web presence and particularly important for local and service area businesses. Unfortunately, it’s not always all that easy to set up and manage correctly. Legitimate listing optimization services do exist, but the good eggs will never claim to be calling from Google. 

2. Domain Name/Registry Scams

2018 03 23 Fake Domain Bill

You’ve heard of unsolicited calls. You’ve heard of junk mail. But have you ever received invoices for web services you never signed up for?

2018 has seen a rise in scam bills, both via mail and email. Clients have been charged hundreds of dollars for domain hosting from vague company names like “Domain Registry of America,” and “The Domain Hosting Group.”

It looks like a real invoice, with due dates, amount due, and itemized expenses. If you’re getting “charged” for domain services you never signed up for, don’t give them your money.

Domain name/registry scams have been commonplace since the 1990s, but have seen a recent rebirth in 2018.


Educating your employees (and yourself) on how domains names function and keeping impeccable records on your subscribed web services, and what you’re supposed to be paying for will take care of any fear, uncertainty, and doubt these fake bills might cause.

If you’re a BizIQ customer and have concerns about your domain name, you can consult your BizIQ Account Manager who can help you look into any suspicious bills you get for internet services.

Whatever you do, do not pay these fake bills, or risk your financial future.

2018 03 23 Fake Pci Compliance

3. PCI Compliance Scam

PCI (DSS) is short for Payment Card Industry Data Security Standard and sets standards for businesses that process and store credit card information. Keeping cardholder information and transactions safe? Sign me up!

Not so fast.

Most merchant services are already PCI compliant. That doesn’t stop sketchy companies from scaring small business owners into forking over personal information, though. This is a super common phishing scam in 2018.

The Solution:

If your business doesn’t process credit cards, don’t worry about compliance. If you do, you should know what level of PCI compliance you need.

Level 1 compliance: More than 6 million Visa/MasterCard transactions per year.

Level 2 compliance: 1 million to 6 million Visa/MasterCard transactions per year.

Level 3 compliance: Merchants processing 20,000 to 1 million Visa e-commerce transactions annually.

Level 4 compliance: Merchants processing less than 20,000 Visa e-commerce transactions annually and all other merchants processing up to 1 million Visa transactions annually.

The twelve primary requirements of PCI security standards are simple to establish, and our staff is more than happy to answer any questions you have. If you don’t know the status of your PCI compliance, you may be vulnerable to these types of scams.


4. Sketchy Social Media Scams

2018 03 23 Fake Facebook Quiz

Social media is a great tool for small businesses to engage with their online community. Unfortunately, it has become a popular avenue for information harvesting, by means of fake profiles, aggressive apps, and sketchy quizzes.

In late 2017, Facebook admitted as many as 270 million fake profiles have been created. Recently, the social media giant has been in hot water for the Cambridge Analytica scandal, in which the data for 50 million profiles were used for voter insights.

Inauthenticity and privacy violations have seen a Golden Age in the past few years. Social media can drive engagement and revenue for small businesses, but can also put your information and finances in hot water.

The Solution:

Always err on the side of caution with social media. Never, ever give your credit card number, social security number, or passwords to social media quizzes.

If a Facebook friend is acting strangely, and sharing bizarre links while typing in broken English, their accounts have likely been compromised. Do not click the links! Let them know via other means of communication (text, phone call, email) that it appears their account has been hacked.


2018 03 23 Fake Commentor

5. Fake Comments & Scambots

A late 2017 study of 18.5 million websites found that the average small business website is attacked 44 times a day. Malware, bots, and malicious software are responsible for a tremendous amount of attacks on small business websites, many of which lack the resources and know-how to prevent cyber attacks.

Most small  businesses experience a steady stream of spam comments and cyber attacks.

Luckily, WordPress (which is roughly 25% of the web, and most small business websites) has extremely user-friendly (some free) plugins that block spam comments, and are able to detect sketchy scambot behavior. The problem comes when webmasters fail to update or maintain their WordPress.

The Solution:

If you don’t have the time or expertise to update and maintain your web presence to keep you, your customers, and your website secure from online threats, working with an expert is highly recommended. Look for an internet marketing provider who is up-to-date on the best practices for online security like SSL encryption.