UNIVERSITATEA ROMANO-AMERICANA

FACULTATEA DE INFORMATICA MANAGERIALA

PROIECT
COMUNICARE IN ACTIVITATEA ECONOMICA
IN LIMBA ENGLEZA

The ways of foreign companies to avoid scam

Realizat de:

Grupa:
IM634

Bucuresti, 2023
INTRODUCTION
 In the context of the activity of any company, there is a great responsibility when it
comes to handling business affairs in an honest, legal manner, both for maximizing clients’ or
customers’ trust in your company, and for avoiding fraudulent behavior that can result in a
huge loss in earnings. For this reason, companies should and do take great care in avoiding
‘scams’.
Thus, we are going to present commonly known and used scam methods and the steps
that can be taken by foreign companies to reduce the possibility of being affected by these
scams.
BACKGROUND
For the purposes of this paper, we will define a ‘scam’ as a fraudulent type of
activity that is specifically designed to deceive organizations for financial gain or some other
malicious purpose. Most often, scams are done by employing certain deceptive tactics that
aim to influence and manipulate certain individuals or businesses into revealing confidential
or crucial information or into approving one-sided transactions or deals.
While, in theory, any company can be targeted by these methods, foreign companies
tend to be a preferable target for scammers. Some of the reasons for this fact include:
1) A higher potential for a foreign company to be unfamiliar with that country’s
laws and/or regulations – this can allow certain tactics like impersonating authorities or
creating fake legal emergencies that can lead to huge losses
2) Communication barriers being much more prevalent when it comes to foreign
companies – this can make properly assessing the situation presented by scammers much
more difficult and can lead to deceptive messaging not being spotted in time
3) A potential unfamiliarity with the current business environment – this includes
unfamiliarity with local, trustworthy suppliers, vendors or clients, which helps scammers as
it’s much easier for them to act as honest partners
4) An over reliance on electronic means of communication – a vast majority of the
time, scams are conducted through these electronic means, thus the likelihood of being
scammed increases massively for foreign companies
Taking all these reasons for foreign companies being easier targets for scammers, it is
important to take active protective measures against scams. Foreign companies especially
rely on collaboration with local entities to succeed, so maintaining a high degree of security is
essential to conduct their business properly.
 DISCUSSION
The first part of this paper will focus on outlining tactics commonly used by
scammers. These can vary in their method of attack, ranging from tricking unknowing
employees into revealing confidential data, to impersonating authorities, vendors or suppliers
in order to establish one-sided deals. Some of the most used scams are:

Phishing Emails:
Scammers may send fraudulent emails posing as legitimate business contacts,
government agencies, or financial institutions. These emails often contain malicious links or
attachments that, when clicked, can lead to data breaches or the installation of malware.
CEO Fraud:
In a CEO fraud scheme, scammers impersonate high-level executives within a
company and request fund transfers or sensitive information from employees. These emails
often appear urgent and may use social engineering tactics to manipulate recipients.
Invoice Fraud:
Fraudsters may send fake invoices, claiming payment for services or goods that were
never delivered. This type of scam can be particularly effective if the scammer has managed
to compromise a legitimate email account within the business.
Supplier Fraud:
Scammers may pose as suppliers or vendors, providing fake invoices or payment
requests. They may trick businesses into transferring funds for goods or services that were
never provided.
Advanced Fee Fraud:
Businesses may receive offers that seem too good to be true, such as investment
opportunities, partnerships, or contracts with lucrative terms. The scammer typically requests
an upfront fee, and once paid, they disappear without fulfilling their promises.
Domain Spoofing and Typo-squatting:
Scammers may register domain names that are similar to legitimate business domains,
either through typo-squatting (using misspelled versions) or domain spoofing. They then use
these domains for phishing attacks, tricking employees into providing sensitive information.
Fake Trade Shows and Conferences:
Scammers may organize fake trade shows, conferences, or business events, claiming
to offer networking opportunities or exclusive deals. Businesses that participate may lose
money on registration fees or travel expenses.
Customs and Import/Export Scams:
Foreign companies involved in international trade may be targeted with scams related
to customs fees, duties, or false claims of non-compliance. Scammers may pose as customs
officials and request payments for fictitious charges.
Data Breaches and Ransomware Attacks:
Cybercriminals may target businesses with ransomware attacks, encrypting critical
data and demanding a ransom for its release. These attacks can disrupt operations and
compromise sensitive information.

Here are some measures that a company, should implement to minimize the
possibility of being scammed:

Employee Training and Awareness:

Conduct regular training sessions to educate employees about various types of scams
and phishing techniques. Ensure they are aware of the importance of verifying the legitimacy
of emails, especially those involving financial transactions.
Verify Email Requests:
Establish a verification process for any email requests involving financial transactions
or sensitive information. Encourage employees to confirm such requests through a secondary
communication channel, such as a phone call, especially if the request seems unusual or
urgent.
Use Secure Communication Channels:
Utilize encrypted communication channels for sensitive information and financial
transactions. Be cautious about sharing sensitive details via email, and use secure file-sharing
platforms if necessary.
Two-Factor Authentication (2FA):
Implement two-factor authentication for email accounts, financial systems, and other
critical platforms. This adds an extra layer of security, even if login credentials are
compromised.
Supplier and Vendor Verification:
Before making payments or sharing sensitive information with suppliers or vendors,
verify their legitimacy. Use established communication channels to confirm details and be
wary of sudden changes in payment instructions.
Invoice Verification:
Implement a thorough invoice verification process. Train employees to cross-
reference invoices with purchase orders and to confirm any discrepancies with the relevant
departments before making payments.
Domain Monitoring:
Regularly monitor domain names similar to your company's and report any suspicious
domains to prevent domain spoofing or typo-squatting attacks. Consider registering common
variations of your domain to prevent abuse.
Customs and Trade Awareness:
Educate employees involved in international trade about common customs and
import/export scams. Establish clear procedures for verifying customs-related requests and
payments.
Due Diligence for Investments and Partnerships:
Conduct thorough due diligence before entering into business partnerships,
investments, or contracts. Be skeptical of offers that seem too good to be true and verify the
legitimacy of the entities involved.
Regular Security Audits:
Conduct regular security audits and vulnerability assessments to identify and address
potential weaknesses in your company's cybersecurity infrastructure. Stay up-to-date on the
latest cybersecurity threats and trends.
Incident Response Plan:
Develop and regularly update an incident response plan to guide employees on what
to do in the event of a security incident. This plan should include steps for reporting
suspicious activity and responding to potential breaches.
Cybersecurity Policies:
Establish and enforce robust cybersecurity policies within the organization. Ensure
that employees are aware of the policies and understand their role in maintaining a secure
work environment.
Collaboration with Cybersecurity Experts:
Consider collaborating with cybersecurity experts or consultants to assess and
enhance your company's security posture. They can provide valuable insights and
recommendations based on the latest threats and best practices.
 By incorporating these recommended behaviors, foreign companies can significantly
reduce their vulnerability to scams and enhance their overall cybersecurity resilience.
Actual examples of scams:

1.Phising
 2. Ceo-Fraud
3. Advanced Fee Fraud -> Ticket Scams
Ticket scams are a well-known type of advanced fee scam. The ‘seller’ offers tickets
for either a concert, gig, festival, performance, or sporting event that they do not possess. The
customer pays for the tickets, which never materialize. As a result, the customer is left
without the event tickets at the last moment when they don’t arrive, or fake tickets are
received that can’t be used to access or attend the event.

CONCLUSIONS
In conclusion, there are many ways for foreign companies to be taken advantage of by
malicious actors, some of the methods they use being really hard to notice, unless you've
already experienced something similar or are totally aware what to look out for.
As technology keeps advancing rapidly, scammers will always find new
breakthroughs in their scamming methods, which should only prove how important it is for
companies to play a much more active in role in fighting them through proper training and
seeking out the latest scam methods to be able to defend themselves against the tricksters

.
REFERENCES
1. https://www.egress.com/blog/phishing/real-examples-invoice-payment-fraud
2. https://www.memphis.edu/its/security/phishing-examples.php
3. https://www.merriam-webster.com/dictionary/scam
4. https://nt.gov.au/law/crime/scams/ten-most-common-types-of-scams