The most common technology scams targeting businesses

Statista estimates that technology scams will cost the United States $639 billion in losses by the end of 2025. This might seem like a threat to the Fortune 500s. In fact, many small businesses often believe criminals are less likely to target them, but hackers are increasingly exploiting this false sense of security. In fact, a recent survey found that 41% of small businesses had suffered attacks in 2023.

One of the biggest threats comes from the malicious actors who weaponize generative AI to scale and personalize cyberthreats. From polished emails with flawless grammar to deepfake videos spoofing your company’s executive, technology scams have reached new heights. Other factors contributing to the rise include leaner IT teams, reduced investment in training and remote work.

The good news is that recognizing these many technology scams takes you one step further to understanding how they work and succeed. Leverage this information for better threat modeling at your organization to avoid common online scams.

Business email compromise (BEC): the most costly business scam

Business email compromise is a targeted cyber scam where criminals impersonate an executive, vendor or partner. The goal is to trick someone into sending money, transferring sensitive information or sharing login credentials. The FBI calls it the “$55 billion scam” and issued a Public Service Announcement regarding BEC in September 2024.

Common tactics

BEC is an example of social engineering and the use of a trusted person can cause many people to let their guards down. Understanding how it works can help workers avoid common online scams like these:

• Executive impersonation (including deepfakes): Attackers can impersonate a CEO or CFO via email, phone or video. One deepfake red team organized an authorized attack against a North American finance company using deepfake audio and 56.25% of users clicked on the link. 
• Domain spoofing: Scammers often slightly alter domain names to create look-alike addresses that can trick users. However, sometimes they do use genuine company emails after hacking into them.
• Password reset: Workers or even customers might receive fake emails warning that they need to verify or reset their passwords due to someone else allegedly hacking into their accounts. 

Why it works

These tactics tend to work because of the many factors that can lead to human error in modern organizations. Teams are becoming leaner and workers are increasingly overwhelmed by work requests and the volume of emails. This makes it easier to miss key details. Hackers are also getting better at spoofing not just the domain name but lookalike websites.

Actionable tips

CISOs must account for the human element in these situations and create an effective playbook response. Specific security tools you can also implement include MFA and email threat scanners like the AI-powered Norton Genie. Our experts found that,

“AI-powered threats often require AI-powered safeguards and we’re increasingly incorporating these tools into our efforts to provide the best possible protection to consumers around the globe.”

Phishing attacks: more sophisticated than ever thanks to AI

Phishing is another social engineering tactic at scale. Cybercriminals use messages that impersonate trusted brands or colleagues to steal credentials, payment data or multi-factor codes. They might also use it to deploy malware or as the first step of a ransomware plot.

The role of artificial intelligence

Generative AI helps malicious actors craft increasingly convincing messages and emails for scams targeting businesses. They can also use deepfakes to impersonate the voice of anyone from family members to business executives and politicians. Gen Q1 2025 report found that,

“In one of the most striking evolutions of this type of scam that we observed this quarter, attackers are using AI-generated personas, deepfake influencers and hired actors.”

Types of phishing 

Phishing scams continue to grow in complexity and effectiveness. These are some of the most common ones to include in security training at your organization:

• Email phishing: Bulk or targeted emails driving to fake login pages or malware
• Malware phishing: Malware planted in seemingly benign things like an “unsubscribe” link
• Spear phishing: Messages created to target specific workers or types of workers, such as fake resumes for HR or fake invoices for the AP team
• Whaling: Phishing scams aimed at the “big fish” in an organization, such as a celebrity or executive
• Smishing: Phishing that takes place via SMS, such as failed deliveries or MFA code theft
• Vishing: Voice calls often enhanced with AI that pose as IT, vendors or even your bank

Why it matters

Phishing is often the entry point for account takeovers, like ransomware and lockouts. The more access attached to the account they take over, the better results, which is why whaling has become so popular.

Actionable tips

Simulations can provide teachable moments for workers to recognize phishing scams, but take care not to shame people for falling victim. The goal is to make them more vigilant, not more afraid to report incidents. Email scanning from Norton Genie can also assist with email-based phishing scam prevention. Finally, segmented admin privileges and mandatory MFA can improve your security posture.

Ransomware attacks: holding business data hostage

Ransomware is malware that encrypts files or systems and demands payment for a decryption key. It’s often paired with “double extortion,” which generally involves threatening to leak stolen data even if you restore from backups. Beyond phishing, hackers might also exploit software vulnerabilities, misconfigurations, unchanged default admin passwords, unsecured remote access or even compromised suppliers.

Why it matters

A single incident can paralyze operations for weeks and trigger regulatory scrutiny, lawsuits and lasting brand damage. The healthcare sector’s recent experience illustrates the stakes. The Change Healthcare ransomware incident (at UnitedHealth’s tech unit) disrupted claims nationwide and ultimately affected millions of people. It also illustrated that hackers often do not keep their work, even after receiving $22 million in Bitcoin.

Actionable tips

Companies should make regular backups and have contingency plans to conduct operations while the IT team gets the system up and running. Regular backups stored safely on different networks makes it easier to simply restore data and resume operations. Preventative measures include patch management, least privilege, segmentation and data minimization.

Tech support scams: preying on employee trust

Tech support scams impersonate IT staff, Microsoft, your security vendor or “payment processors.” They trick employees into installing remote-access tools, changing MFA settings or paying for bogus support. Attacks arrive via phone (vishing), email, chats, pop-ups or fake browser update prompts. Again, hackers leverage AI here to write error-free and polished emails or generate convincing scripts.

Expected outcomes

Paying for bogus support is probably the best-case scenario from all the potential outcomes. The worst-case is potentially providing admin-level access to malicious actors, which could spiral into data breaches and ransomware. Hackers could also empty out the company’s bank account if they gain access to the right credentials.

Actionable tips

CISOs must follow cybersecurity best practices, like banning the sharing of passwords or MFA codes over phone, email or chat. Additionally, you may remove local admin rights and require approval before making system changes. Call-back and ticket-number verifications are also crucial for leaving an audit trail.

Invoice and payment scams: manipulating financial workflows

Criminals often pose as vendors sending invoices or requesting updated banking information to send payment. Tactics may range from claiming amounts so small that businesses pay them without thinking to claiming large figures that trick people into opening malware-infested files to see the details.

Why they are so effective

Invoice fraud and payment scams are incredibly effective because unpaid invoices impact a company’s bottom line, credit history and business relationships. Additionally, in large organizations, a stray invoice is believable because no one person can remember every vendor. There is at least some good news in this area. Gen experts found a decline in invoice scams from Q4 2024 to Q1 2025.

Red flags

Regardless of how convincing they might be, informed and vigilant workers can learn how to avoid common online scams if they know the warning signs:

• Urgent requests to make payments at risk of legal action or other severe consequences
• Unusual amounts that are either much lower or much higher than normal invoices from vendors
• Request to speak to them directly instead of reaching out to your point of contact at the vendor
• Even slight domain or display-name mismatches
• Requests to bypass normal approvals steps to “meet a deadline”

Actionable tips

You can reduce human error proactively by automating some tasks, such as AP processing. Additionally, you can create a master list of vendors and their contact information so that the AP team can verify suspicious requests without opening files. Companies have also seen success with dual approvals for payments and teaching AP/AR teams to verify every invoice before paying.

Stay vigilant, stay protected

The threat landscape has seen drastic shifts in the past few years, especially with the rise of generative AI and deepfakes. Email-driven scams continue to drive record losses for organizations and individuals alike. Staying current on common technology scams and refreshing defenses is now a business requirement and not another nice-to-have security bonus.

Here’s what to do if you suspect a security incident is currently underway:

• Stop the bleeding by isolating affected devices and accounts (or more specific solutions like pausing payments for invoice scams).
• Preserve all the evidence you currently have by saving emails, headers, logs and screenshots.
• Report the incident to relevant authorities, such as your bank, your regulatory body and even your customers.
• Comply with regulations to ensure you follow any requirements set by jurisdictions or industries governing certain demographics (e.g. GDPR in the EU or HIPAA in the US).
• Conduct a thorough investigation to unearth more evidence and determine what went wrong.
• Reset to close the gaps and reduce the risks of this happening again.
• Educate your workers (without shaming) to avoid another incident related to human error, if this was the cause of the problem.
• Reassure your stakeholders, which may include shareholders, customers, vendors, government agencies and the general public

How Gen solutions support scam prevention

Effective scam prevention for businesses requires both technology and people-led initiatives. You need layered controls and steady education to tackle both layers. Gen research underscores the breadth of AI-related risks and the role of employee awareness training as a defense strategy.

Use our AI-powered tools to protect employees through benefits programs that put cyber safety in their hands:

• Norton 360: Helps block malware and phishing, adds smart firewall and web protection for safer browsing on work-adjacent devices
• Avast Business: Endpoint and network protection that can help prevent ransomware and malware from gaining a foothold
• Norton LifeLock Benefits Solutions: Identity theft protection that monitors for misuse of personal data and provides restoration specialists if the worst happens, reducing downtime and stress after an incident

How will your organization protect its workers from technology scams this year? Schedule a call with our team to decide what employee benefits best suit their needs.