Home

Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.

WePay's John Canfield on Protecting Your Business From Scams

Chad Brooks
Chad Brooks

WebPay CEO John Canfield says these are the new scams small business should watch for

While technology has made life easier for small business owners, it has also made them more susceptible to a number of new dangers. Few know more about the risks and dangers businesses face today than John Canfield, vice president of risk management for WePay.

For the past four years, Canfield has been leading WePay's risk strategy, processes and tactics. WePay provides payments as a service tailored for online marketplaces and platform companies that want to enable users to accept credit cards, without taking on the fraud risk and operational worries that come with accepting payments.

Prior to his role at WePay, Canfield spent more than five years as the senior director of global fraud and risk management for eBay. Canfield is also the founder of the app development firm Nimbler.

We recently had the chance to ask Canfield several questions on small business scams and risk, and how entrepreneurs can best protect themselves.

Q. Are there any new scams that small businesses should be keeping an eye out for?

A. Small businesses should be watching out for the modern 419 scam. What used to be poorly written emails that promise a share of a large sum of money as a reward for a seemingly innocent action have evolved into more sophisticated and plausible stories. This shows how much more adept fraudsters have become at attempting to fool small businesses.

The modern 419 scam starts with a fraudster approaching a small business via email requesting to work with them. The fraudster pays for the project in advance via a stolen credit card, including an extra amount they want the business to pay a third-party subcontractor via wire transfer (which is, in fact, the fraudster). With the nonrefundable wire transfer successfully paid to the fraudster, the business will also find the initial stolen credit card payment charged back as fraudulent – leaving them with significant debt.

Q. How has technology impacted the types of scams that businesses are now subjected to?

A. Spear phishing is a common tactic for fraudsters, but with technological advances, they have gotten much better at crafting emails with believable messages. In addition, they have more information about your company. These spoof emails allow fraudsters to pose as your colleagues. For example, if you are in the finance department, they can reach out to you as your business's CEO and say, "Please wire $5,000 to vendor X ASAP or else we'll be in trouble." Coming from your CEO, you could feel inclined to act on that.

Hacking technology has advanced immensely and more stolen information is available on the dark web now than ever before. However, just because a fraudster has sensitive information does not always mean they will succeed; these criminals still need to figure out how to trick small businesses and social engineers in various ways.

Q. What can small businesses do to protect themselves from fraud and other scams?

A. As a small business, it is always safer to meet or speak with a prospective client before agreeing to any work. Be cautious if you find that someone wants to work with you from far away when they could work with other businesses closer to their location. Be wary of any outreach that asks for money and/or personal information. And finally, while it may be good for your business, do not be blinded by large, out-of-the-ordinary transactions.

A big mistake is to say, "I don't have a fraud problem now, so I'll just deal with it when it happens." The problem with that mentality is fraud can seriously hurt your business in an instant if you are not prepared.

Protecting your business from fraud is similar to preparing for a natural disaster; it may not be imminent, but you should have supplies ready in the event it occurs. It is important to have a trusted payments partner integrated with your business to monitor fraudulent activity and be ready to take action.

Q. How does WePay protect businesses from fraud?

A. Fraudsters have the ability to gain access to sensitive information and can go to great lengths to create fake accounts on a platform. WePay uses a combination of advanced risk technology and data collected from a variety of sources to protect businesses and the platforms they operate on from fraud. Ultimately, we monitor all activity to separate good, normal behavior from fraudulent behavior and prevent suspicious transactions from going through – our goal being providing businesses with the most seamless payments experience possible.

Chad Brooks
Chad Brooks,
business.com Writer
See Chad Brooks's Profile
Chad Brooks is a Chicago-based writer and editor who has spent more than 20 years in media. A 1998 journalism graduate of Indiana University, Chad began his career with Business News Daily in 2011 as a freelance writer. In 2014, he joined the staff full time as a senior writer. Before Business News Daily, Chad spent nearly a decade as a staff reporter for the Daily Herald in suburban Chicago, covering a wide array of topics including local and state government, crime, the legal system and education. Chad has also worked on the other side of the media industry, promoting small businesses throughout the United States for two years in a public relations role. His first book, How to Start a Home-Based App Development Business, was published in 2014.