The Point

A New Wave of Fraud Targeting Business Owners — What You Need to Know

Over the last few weeks, local and regional banks have reported a sharp increase in a specific type of fraud aimed squarely at business owners — and it’s costing some companies millions of dollars.

In one recent case shared by a senior banking executive, four separate business clients were defrauded for a combined total of nearly $2 million, all within a matter of weeks. These were not careless individuals or inexperienced operators. They were established businesses with standard internal controls in place.

So what’s happening?

How the Scam Works

Fraudsters are posing as bank representatives and calling business owners directly, often claiming there’s suspicious activity or an urgent issue with the account. The key tactic is simple but effective: they keep the business owner on the phone.

While on the call, the fraudster will say they just need to “verify” some information, such as:

  • Who the authorized signers are on the account
  • Whether certain transactions look familiar
  • Confirmation of recent activity

At some point, the caller says something like:

“We’re going to send you a text to confirm your identity — just click the link.”

That link is the turning point.

Once clicked, the fraudster gains access to account credentials or session data, allowing them to begin moving money while the business owner is still on the phone.

Why Business Accounts Are Being Targeted

This scheme is especially dangerous for businesses because fraudsters have learned how to work around traditional safeguards.

While wire transfers often require multiple approvals, many business accounts allow bill pay transactions without the same level of internal authorization or watermarking. Fraudsters know this.

Instead of attempting a single large wire that might get flagged, they use bill pay to quietly and rapidly move funds out — sometimes draining accounts before anyone realizes what’s happening.

The fraudsters also understand that:

  • Business owners are busy
  • Bank-branded calls create urgency and trust
  • Staying on the phone reduces the chance the victim pauses to verify

By the time the call ends, the money is often already gone.

A Critical Reminder for Business Owners

Banks will never:

  • Ask you to click a link sent via text during a phone call
  • Request login credentials or verification codes verbally
  • Pressure you to stay on the phone while “activity is being resolved”

If you receive a call like this:

  1. Hang up immediately
  2. Call your bank using a known, trusted phone number
  3. Notify your advisor and internal team right away

How Castlepoint Helps

At Castlepoint Wealth Advisors, part of our role is helping clients think beyond markets and returns — and into real-world risks that can materially impact their financial lives.

If you’re a business owner, we encourage you to:

  • Review how money can move out of your accounts
  • Understand which transactions require approvals (and which don’t)
  • Educate employees and partners on these scams

If you’d like help reviewing your cash controls, account structures, or exposure to fraud risk, we’re here to help.

Awareness is the first line of defense.

Author

Explore Other Blogs

You Don’t Have to Win Every Point

What Wimbledon can teach investors about patience, probabilities, and staying

Should You Be Giving Away More Wealth Now?

It is widely reported that somewhere between $90 and $120

How to Keep More of Your Home-Sale Profits

For many families, a home is one of the largest

FOLLOW US

Facebook Instagram Linkedin Twitter

OKLAHOMA CITY

(405) 705-2906

TULSA

(405) 705-2906

© 2026 Castlepoint Wealth Advisors. All rights reserved.