May is Small Business Month, a time to honor the nearly 33 million small businesses in the U.S. that drive the economy and support local communities. While it’s important to shop at small businesses, arming their owners and employees with information that can help protect them is just as important, because business fraud is rising and evolving just as quickly as the technology they rely on to operate. Across industries, criminals are deploying more sophisticated tactics that blend technical manipulation with social engineering, making it harder for organizations to spot fraud before damage is done. KeyBank is providing information about four schemes in particular that are gaining traction. Understanding how they work is becoming critical for business leaders, finance teams, and employees alike.
One growing threat is QR code fraud, sometimes called “quishing.” In these scenarios, fraudsters impersonate trusted internal teams, often IT or security, and send messages prompting employees to scan QR codes to update systems or credentials. The codes lead to fraudulent websites designed to capture login information and sensitive data. Because QR codes feel routine and bypass traditional email filters, they can be especially effective in compromising internal systems and customer information.
Another increasingly common tactic is double‑sided spoofing, a scheme that targets both employees and financial institutions. Fraudsters first contact business users, posing as banks or service providers, to extract login credentials through social engineering. They then use that information to impersonate the business user when contacting the bank, resetting account access and initiating unauthorized ACH or wire transfers. These attacks can move quickly and often go undetected until funds are already gone.
SIM swapping attacks extend fraud beyond email and banking platforms into the mobile ecosystem. In these cases, criminals gather enough personal information to convince a wireless carrier to transfer a business user’s phone number to a new SIM card they control. Once completed, fraudsters intercept calls and text messages, including one‑time passcodes used for multifactor authentication, allowing them to take over online business accounts and financial platforms with alarming efficiency.
Still, one of the most damaging and persistent threats remains Business Email Compromise (BEC). Fraudsters impersonate vendors, suppliers, or merchants and request payment changes, such as new banking instructions. The messages often appear legitimate, referencing real projects or invoices. Without strict verification procedures, businesses may unknowingly reroute payments directly to criminal accounts.
While the tactics vary, prevention strategies share common ground. Regular employee training helps teams recognize red flags and report suspicious activity early. Strong password policies—combined with multifactor authentication—reduce the risk of stolen credentials being misused. Secure network practices, routine system updates, and consistent monitoring of accounts and transactions can further limit exposure.
Perhaps most importantly, businesses should establish clear procedures for validating payment changes, credential resets, and unusual requests before taking action. Fraud thrives on urgency and assumptions.
As fraud schemes continue to evolve, awareness remains one of the most effective defenses. By understanding the most common attacks and reinforcing protective controls, businesses can reduce risk, respond faster, and stay one step ahead of today’s fraud landscape.
If you suspect your business has been exposed to fraud, immediately contact any financial institution where you maintain an account. If you are a KeyBank client, contact KeyBank’s Fraud Client Service Center immediately at 1-800-433-0124 or dial 711 for TTY/TRS.
Get more tips from KeyBank that can help protect you from fraud
The information and recommendations contained here have been compiled from sources believed to be reliable based on current information and conditions and are subject to change. KeyBank assumes no duty to update any information in the material in the event that such information changes. KeyBank does not represent or warrant its accuracy, reliability, or completeness or accept any liability for any loss or damage (whether direct or indirect) arising out of the use of all or part of this material. This material is provided as general information only; particular situations may require additional information or actions. Nothing in material shall be regarded as an offer, solicitation, recommendation or advice (whether financial, accounting, legal, tax or other) given by KeyBank and/or its officers or employees or other presenters. If legal advice or other expert assistance is required, the services of a competent professional should be sought. ©2026 KeyCorp®. All rights reserved. KeyBank Member FDIC. CFMA #260414-4341978
