BBC Scam Safe Week 2025 is a great reminder that scams are happening every day to businesses just like yours. And because we look after IT support and cybersecurity for companies across the Midlands and beyond, we get a real inside view of what’s going on behind the scenes.
The short version? Scams are getting smarter. Much smarter. But don’t worry, there’s plenty you can do to stay ahead of them.
Here are the big scam trends we’re seeing so far this year:
Phishing emails now look real
Remember when phishing emails were easy to spot? Spelling mistakes, strange greetings, odd wording… it’s not always the case nowadays.
Criminals are now using AI tools to write emails that look completely legitimate. We’re seeing more emails that:
- Look like genuine supplier invoices
- Copy someone’s writing style
- Come from lookalike email addresses
- Drop into real email threads
It’s becoming harder for staff to tell the difference, which is exactly what attackers want.
What we’re doing: Setting up advanced email protection, running phishing tests, and giving teams quick, simple user awareness training so everyone knows what “feels off.”
Check out our free phishing guide for SMBs
Fake voice calls that sound like your boss
Yes, this is actually happening — and it’s becoming more common.
We’ve seen attempts where scammers use AI to mimic a director’s voice and request:
- A quick bank transfer
- A “confidential” payment
- A change to supplier details
- Urgent action that skips normal checks
It sounds far-fetched, but when you hear a voice that sounds exactly like someone you know — in the middle of a busy day — it catches people out.
What we’re doing: Helping businesses put simple approval processes in place and teaching teams to double-check unusual requests, even if they “sound right.”
WhatsApp and text message scams on job sites
WhatsApp groups, SMS messages, and quick-fire chats help teams stay connected — especially in industries like construction and manufacturing.
Scammers know this too.
Some of the things we’ve seen:
- Fake “site manager” messages asking for equipment
- Fraudulent links disguised as delivery updates
- Attachments pretending to be job specs or plans
- Attempts to change delivery locations
These messages feel normal, so people respond quickly — which is exactly the point.
What we’re doing: Showing customers how to spot fake messages, advising on safer communication tools, and protecting mobile devices properly.
Supplier and subcontractor scams are on the rise
If your business works with lots of suppliers or subcontractors, you’re on the radar.
We’re seeing more scams that try to:
- Change bank details
- Send fake tender documents
- Imitate real domains with tiny spelling changes
- Jump into ongoing email threads undetected
These scams are getting harder to spot because attackers spend time watching, waiting, and choosing the perfect moment to strike.
What we’re doing: Strengthening email security, adding checks for domain impersonation, and making sure approval processes don’t rely on a single person.
Criminals are using personal data to make scams feel “real”
With so many data breaches happening online, scammers often know bits of personal information about your staff before they even make contact.
This means emails might include:
- Real names
- Real job titles
- Real previous companies
- Real contact details
When an email includes details like this, it feels natural — and people trust it more.
What we’re doing: Encouraging strong passwords, helping customers switch to passwordless sign-ins, and using tools that flag unusual behaviour straight away.
How your business can stay scam-safe in 2025
You don’t need to be a cybersecurity expert — but you do need the basics in place.
Here are the things we recommend to every SME:
- Multi-Factor Authentication (MFA) everywhere
- Up-to-date security tools (especially for email)
- Regular bite-sized staff training
- Clear processes for financial approvals
- Strong password policies or passwordless sign-ins
- Regular cybersecurity check-ups
We’re here to help
Scams are changing quickly, but staying safe doesn’t have to be complicated. If you’d like help reviewing your security, training your team, or improving your setup, we’re here to support you.
