This toolkit is designed to help you protect your business against a variety of scams. The digital landscape is rife with phishing, smishing, credit card chargebacks and more. Navigating the complexities of scams and fraud can be daunting. How do you identify threats? Where and who do you report instances of fraud to? This toolkit aims to guide you through these questions.

The latest headache for Bay Area restaurants? Instagram impostors

Oct. 2023

One case is happening to restaurateurs and their customers in San Francisco. Restaurateurs and customers are worried about a proliferation of fake Instagram accounts posing as Bay Area food businesses to scam diners. Scammers create a fake Instagram account under a similar name to a specific restaurant and tell customers they have received a special offer. The customer then pays to book a table to take advantage of the offer and ultimately loses money to this phishing scheme.


Internet scammers unleash a deluge of one-star reviews on a Chicago Vietnamese restaurant

June 2022

Another case happened to a Chicago Chinese restaurant in which internet scammers left a flood of one star reviews, driving down their overall rating on Google. The scammers then sent them a message claiming to be the ones behind the reviews and asked for payment to stop the bad reviews. This unfortunately is not an uncommon situation to face and the video below lists a few suggestions for combatting this type of fraud.


Iconic Singapore hotel caught up in major data breach

Nov. 2023

An iconic hotel in Singapore experienced a massive data breach, compromising extensive guest information from loyalty programs, underscoring the heightened risk hotels face due to the sensitive customer data they manage.


Hotels losing thousands of dollars through free holiday scam


Hotels are also battling chargebacks scams, losing thousands as scammers exploit stolen credit cards for stays. Often these particular scams involve costly property damage and even legitimate guests contest charges with their credit card providers.


IRS kicks off annual Dirty Dozen with warning about phishing and smishing scams

The IRS offers a deep dive into what phishing and smishing is. They provide tactics on what you should do if you suspect you are being targeted and resources for you to report these attempts.

For further information on smishing-deceptive text messages sent to smart devices, visit the Federal Communications Commission’s webpage.



Common Scams and Crimes hosts a comprehensive suite of resources on various scams, including business and investment fraud, business email compromise, holiday scams, money mules, skimming and much more. They offer explanations of each and provide preventative resources.


10 tips to detect a phishing email


Spot phishing emails: Here’s how

This video gives an overview of some of the most popular phishing tactics.


Better Business Bureau

Top 10 scams targeting small businesses

The Better Business Bureau said, “scams can impact every business, regardless of location, size or industry. But they are especially a problem for small businesses. Local businesses and start-ups often don’t have the cyber security support or established accounting processes of larger companies. This can make them more vulnerable to scams.” In this article they detail 10 scams targeting small business and protective measures you can take.


Federal Trade Commission

Scams Against Small Businesses

On this page, the Federal Trade Commission provides an array of scams that have specifically targeted small businesses and offers insights on what to watch.

Our collection of articles, toolkits and webinars are designed to equip you with the knowledge to understand and combat scams and fraud within your business. From scam experiences right here in Washington state, to a detailed look at a recent labor poster scam affecting local business, we provide a wealth of resources tailored to help you safeguard your enterprise.

Delve into our Scam Tactics series for a comprehensive understanding of scams in Washington state and protective measures.

According to fraud experts and the National Restaurant Association, the typical organization loses 4-5% of its annual revenues to fraud. In part one of unveiling scam tactics, learn about schemes that have impacted the hospitality industry and how owners are feeling the impacts. In part two, learn about different methods you can utilize to protect your business. One of the best ways to protect your business is also educating employees- read more to find out what information you and your employees should know.


Learn about the labor poster scam that impacted 15,000 Washington businesses and how to defend against such fraud.

Two Florida-based companies were ordered to pay nearly $25 million in penalties for violating the Consumer Protection Act in a labor poster scam, according to the Washington State Attorney General’s office. More than 15,000 Washington business owners who received the deceitful solicitations and paid $85 for labor posters from these companies were repaid in full with interest. Read more about this real life scam and what to look for.


Access our Cybersecurity toolkit in our exclusive members-only section.

Need help logging in to our members-only section? Reset your password or contact for more information.

Cybersecurity is increasingly vital for businesses and individuals, earning the top spot-on a global business risk barometer and in operators’ minds. Hospitality operators and small business owners might have placed a lower priority on cybersecurity in the past, but it’s now time to re-think that approach. Smaller businesses accounted for 28% of data breaches in 2021, costing them $2.35 million, on average. If you need help figuring out where to start, this toolkit is for you.


Replay our webinars on cybersecurity to discover essential tools to protect your business.

  • New cybersecurity threats: Find solutions and tools
    • A ransomware group compromised MGM Resorts by logging into LinkedIn, finding an employee and calling the help desk. After that, everything from hotel room digital keys to slot machines was affected. Even websites for its many properties went offline. Guests found themselves waiting in hours-long lines to check in and get physical room keys and handwritten receipts. This webinar focuses on specific cybersecurity challenges for the hospitality industry. Several growing threats, practical solutions and the tools available are covered.


  • Callback procedure template
    • Call-back controls are among the most important measures to mitigate your organization’s exposure to the risk of fraud. Done correctly, call-backs prevent your organization from experiencing financial losses, even in cases where cyber-criminals have managed to deceive your accounts payable team into manipulating supplier banking information.
  • Social engineering fraud: Coverage highlights and best practices
    • Social engineering fraud occurs when a bad actor intentionally misleads an employee into sending money or diverting a payment based on fraudulent information. This information is provided to the employee through a written or verbal communication such as an email, text, letter, fax or even a phone call. If you think this won’t happen to your organization… think again. This surprisingly successful fraud happens every day to unsuspecting employees via a communication that appears to be from a legitimate source.
  • Guide to common subjectivities and solutions
    • Subjectivities may be added to your Corvus Smart Cyber or Smart Tech E&O insurance quote. These are steps that the underwriter has required be completed before the policy can be bound or issued. Each of the common subjectivities discussed below have been demonstrated to significantly reduce cyber risk; in addition to helping you to obtain insurance, they will make your organization less likely to experience an incident. The goal of this guide is to help you work through these common subjectivities and understand what resources Corvus has available to help you to meet the specifications.