Spring is one of the most productive seasons for hackers. Not because teams are careless, but because everyone’s busy, a little distracted, and moving fast. That’s when the almost-believable threats slip through, the kind that blend into a normal workday and don’t feel dangerous until it’s too late.
For many small businesses in Buffalo and Western New York, these cybersecurity scams aren’t targeting “gullible” people. They’re targeting busy, capable employees.
Here are three scams working right now.
As you read through these, ask yourself one honest question: Would everyone on my team pause long enough to catch each one?
Scam #1: The Toll Road (or Parking Fee) Text
An employee gets a text message:
“You have an unpaid toll balance of $6.99. Pay within 12 hours to avoid late fees.”
It names a real toll system — E-ZPass, SunPass, FasTrak, whatever matches the state they’re in. The amount is small enough not to trigger alarm bells. They’re between meetings, so they click, pay, and move on.
Except the link wasn’t real.
The FBI received more than 60,000 complaints about fake toll texts in 2024 alone, and volume jumped 900% in 2025. Researchers have identified over 60,000 fake domains set up specifically to impersonate state toll systems — a level of infrastructure that tells you how profitable this scam has become. Some of these texts have even reached people in states without any toll roads.
The reason it works is simple: small amounts don’t feel risky, and the situation feels familiar.
What helps:
Legitimate toll agencies don’t demand immediate payment via text. Smart businesses set a clear policy: no payments through text-message links. If something might be real, employees go directly to the official site.
Convenience is the bait. Process is the defense.
Scam #2: ‘Your File Is Ready’
This one blends perfectly into everyday work.
An employee receives an email stating that a document has been shared with them, usually via DocuSign, OneDrive, or Google Drive.
Everything looks normal.
They click. They log in. They move on.
Now someone else has their credentials.
Phishing attacks using trusted platforms have surged, with attackers exploiting legitimate tools to make scams nearly indistinguishable from real notifications. Employees are significantly more likely to click links from familiar platforms because they trust the source.
Even more concerning, attackers now send these from real compromised accounts, meaning the email passes spam filters.
What helps: If a file wasn’t expected, employees should avoid clicking the link in the email. Instead, they log into the platform directly. If the file is legitimate, it will be there.
Simple habit. Big impact.
Scam #3: The Email That’s Written Too Well
Phishing emails used to be easy to spot.
Not anymore.
AI-generated phishing messages are dramatically more effective than traditional ones. They reference real names, roles, and workflows sourced from public sources such as LinkedIn.
These scams are often tailored:
- HR receives employee-related requests
- Finance gets payment changes
- Operations sees vendor updates
They feel routine—not suspicious.
That’s what makes them dangerous.
What helps: Any request involving credentials, payments, or sensitive data should be verified through a second channel. Before clicking, employees should check the sender’s actual email domain, not just the display name.
And when something feels urgent, the urgency itself should be treated as a warning sign.
What This Really Comes Down To
All of these scams rely on familiarity, timing, and the assumption that “this will only take a second.”
That’s why the real risk isn’t careless employees, it’s systems that assume perfect decision-making under pressure.
If one rushed click could create a problem, that’s not a people issue.
It’s a process issue.
And process issues are fixable.
Start with Visibility, Not Fear
Most business owners don’t want to turn cybersecurity into another full-time responsibility.
They just want to know their business isn’t quietly exposed.
For Buffalo-area businesses, the first step isn’t panic; it’s clarity. Understanding where risks exist in everyday workflows makes it much easier to reduce them without slowing your team down.
Let’s Take a Look Together
If you’re concerned about what your team might be dealing with, or you just want a clearer picture, we’re happy to help.
In a short discovery call, we’ll walk through:
- The cybersecurity risks businesses like yours are facing right now
- Where issues tend to appear in normal workflows
- Practical ways to reduce exposure without adding complexity
No pressure. No scare tactics. Just a straightforward conversation.
