Avoiding Fraud and Hackers in 2020: Part II (Small Business)

Our last blog post, Part I in a series on fraud and hackers, introduced the value of stolen personal information and the common ways in which thieves try to gain access to it. Hopefully after reading that post, our readers have a better idea of where fraud happens and how to spot it.

Hackers aren’t just targeting individuals; small businesses are among the biggest targets for fraud. One of the reasons is because most small businesses don’t have the resources to protect against sophisticated cyberattacks. And almost half of small businesses don’t think they’re big enough to be targeted. Ignorance and a lack of resources are not a good combination.

Small Business, Big Fraud Target

Businesses with fewer than 100 employees are the most susceptible to corporate fraud, and the average small business loses about five percent of income to fraud every year. Other than revenue, indirect costs of fraud include a damaged reputation and lower employee morale and productivity, according to the Association of Certified Fraud Examiners.

The ACFE also reports that 60 percent of small business fraud victims never recover any of their losses and actually suffer the same median fraud loss as companies with more than 10,000 employees.[1]

Types of Small Business Fraud and Red Flags

For the most part, small businesses are most at risk to these top five types of fraud:

  • Corruption
  • Billing Schemes
  • Check Tampering
  • Cash Skimming
  • Non-Cash Misappropriation



It’s the least likely to happen but costs the most when it does. Corruption comes in the from of illegal bribes, gratuities, extortion, and conflicts of interest.

Red Flags:

  • Vendor price inflation
  • Unjustified employee purchases
  • Undisclosed employee/vendor relationships

Billing Schemes

These involve the theft or misuse of business assets, when an employee initiates fraudulent payments. Pay-and-return schemes are when an employee intentionally submits the same invoice twice or overpays a vendor, asks to return the check, then cashes it. Personal purchase schemes happen when employees buy themselves goods and services on the company’s dime.

Red Flags:

  • Duplicate or out of sequence invoice numbers
  • Employee access to company credit card and the ability to self-authorize payments

Check Tampering

Employees who manipulate checks through fraudulent endorsements, signatures, or altering the payee are committing check tampering fraud. Employees can also hide checks and get them authorized if the person doing it isn’t paying close attention.

Red Flags:

  • Gaps in check number sequences
  • Checks made out to cash

Skimming Cash

Any instance where an employee takes cash before it’s even recorded or deposited into the bank is called skimming. This happens most often in businesses with cash registers but can also happen to a petty cash account, or any situation when one employee is hiding cash from the employer, shareholders, or partners. It can be very difficult to detect.

Red Flags:

  • No-sale cash register transactions
  • Excessive discounts
  • Unrecorded sales

Non-cash Misappropriation

Stolen inventory, supplies, equipment, information, and securities are all examples of non-cash misappropriation. Physical assets are taken more frequently, and overall this type of fraud can be the hardest to recover losses.

Red Flags:

  • Missing inventory or supplies
  • Incoming shipments marked as ‘short’ or ‘below company standard’

Stay tuned for our next post on how to protect your small business against fraud.

If you think your business might be a victim of fraud or you would like help strengthening internal controls, contact Naden/Lean today.


[1] https://www.acfe.com/rttn2016/docs/Fraud-in-Small-Business.pdf