This study analyses 300 cases of fraudulent activities against Dutch businesses, 100 from each of the following three categories: CEO-fraud, fraudulent contract, and ghost invoice. We examine crime scripts, key characteristics of targeted businesses, and the relationship between input criminal effort and output financial benefit. Results indicate that whilst all CEO-frauds are conducted online, most of the fraudulent contracts and ghost invoices are undertaken via offline means. Both Routine Activity Theory and Rational Choice Model are evidenced-fraudsters clearly take the business size and seasonality into account, and the input criminal effort and output criminal benefit are positively correlated. Having vigilant employees is evidenced as the most effective way of fraud prevention, both online and offline.