Cyber Threats are Big Business for Small Businesses

Technology has quickly engulfed the world around us. Everything we do, both at a business and personal level, seems to involve technology in one way or another. However, as that happens, small businesses continue to be a top target for hackers, with the number of organizations hit by cybercrime rising each year.

The FBI released a report of cyber crimes the Internet Crime Complaint Center (IC3)  reported and the statistics show an overwhelming increase in victims. IC3 reported victim losses exceeded $1.4 Billion in 2017

The top five reported cyber crimes and their losses:                                                

1. BEC/EAC  Losses: $676,151,151

BEC is a scam targeting businesses working with foreign suppliers and/or businesses regularly performing wire transfer payments. EAC is a similar scam that targets individuals. These sophisticated scams are carried out by fraudsters compromising email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfer of funds.

2. Confidence Fraud/Romance Losses: $211,382,989

A perpetrator deceives a victim into believing the perpetrator and the victim have a trust relationship, whether family, friendly or romantic. As a result of that belief, the victim is persuaded to send money, personal and financial information, or items of value to the perpetrator or to launder money on behalf of the perpetrator. Some variations of this scheme are romance/dating scams or the grandparent’s scam.

3. Non-Payment/Non-Delivery Losses: $141,110,441

In non-payment situations, goods and services are shipped, but payment is never rendered. In non-delivery situations, payment is sent, but goods and services are never received.

4. Investment Losses: $96,844,144

Deceptive practice that induces investors to make purchases on the basis of false information. These scams usually offer the victims large returns with minimal risk. 

5. Personal Data Breach Losses: $77,134,865

A leak or spill of personal data that is released from a secure location to an untrusted environment. It may also refer to a security incident in which an individual’s sensitive, protected, or confidential data is copied, transmitted, viewed, stolen or used by an unauthorized individual. 

Source: IC3 2017 Internet Crime Report

To view the whole report, click IC3 2017 Internet Crime Report

Using technology to conduct retail, banking and marketing services for their day to day operational needs, today’s Small Businesses not only benefit from these cost and time-saving tools, but lend themselves vulnerable and gravely at risk to their cybersecurity.

Merriam Webster defines cybersecurity as measures taken to protect a computer or computer system, i.e., the internet against unauthorized access or attack. Cyberattacks are not just media headlines involving breaches in big companies.

• 43 % of cyberattacks target small business
• 60% of small business go out of business within 6 months of a cyber attack
• 48% of data breaches are caused by acts of malicious internet. Human error or system failure account for the rest.

Source: Symantec/SBDC-WV

According to Chris May, Information Security Consultant for Advantage Technology, based in Charleston, WV, there are Ten Cybersecurity Tips that everyone, and especially small businesses can do to protect themselves from cyberattacks:

1. Have the right mindset. Consider yourself always susceptible to be a target and be suspicious of every interaction on the internet, email and free app on your phone.
2. Use unique passwords. Make unique passwords by including the name of the website in the password itself. Start with your regular password and then add the website name at the end. This will give you a unique password for every site that is still easy to remember.
3. Enable Two-Factor Authentication. Rather than just requiring a password, two-factor authentication requires two things; something you have and something you know, i.e. fingerprint scan (something you have), and password (something you know).
4. Lock your device. Always lock your device with a password, PIN number or biometric scan such as a fingerprint or facial recognition. Your devices contain all the information a cyber criminal would need to steal your identity.
5. Never leave your device. Never leave a device unattended in a public place. A stolen laptop or phone can be a treasure trove of identity information for a skilled cyber criminal.
6. Update your software. Always keep your software up to date. Whether it’s your phone, computer, or even a program you use frequently, don’t brush off security patches. Patch early and often.
7. Call a Friend. If you get an email from a friend or colleague that looks suspicious, call the person and verify that it’s actually coming from them. Also, look at the email address to look for any inconsistencies.
8. No Personal Information via Email. Be suspicious of any official-looking email that asks for personal information such as bank account or Social Security number. No legitimate organization will ask any personal information in an email, including usernames or password.
9. Secure your WI-FI. Protect you home or business by securing you network. Make sure your WI-FI- network is secure, hidden and password protected.
10. Never use public WI-FI networks. You have no way of knowing about security of the network, and cyber criminals often use public WI-FI to access unsuspecting victims. Instead, use you own mobile hotspot or personal hotspot on your phone.

Source: Advantage Technologies

These are just a few steps that businesses and individuals can implement to protect their information and identity. When in doubt, go with your instincts of worse-case scenario to access your risk.

If you or your business are the victim of a cyber attack, click here for more information on how to report it.