Ahead of the annual Scam Awareness Week, cyber-security firm Cynch Security has warned small-business owners that their recent, rapid adoption of technology may have exposed them to greater risk.
“Scammers don’t discriminate on the size of your business or where you’re located. Invoicing scams and business email hacks are hurting all small businesses in regional areas and in the major cities,” said Susie Jones, co-founder and CEO of Cynch Security.
Advising business owners to step up their vigilance, Ms Jones explained that scammers can opt for one of many approaches to gain access to personal data.
“Scammers can buy somebody’s username and password within your business from the dark web to start sending emails from your business or hack a client you work with and start impersonating them,” Ms Jones explained.
“They will send fake invoices to you from a vendor with new bank details and even set up forwarding rules on your emails; before you know it, you’ve paid a scam invoice that you thought was for one of your real vendors or clients.”
According to the latest data from ScamWatch, in June 2020 a false billing scam was reported by 870 businesses, while identity theft scams attracted 1,550 reports and hacking 545 reports.
“Many people will think their own process is safe — e.g. one password with different letters or numbers and only they know the passwords, but it’ll come up in a data breach somewhere and their business will be compromised,” Ms Jones said.
“Anything easy to remember is easy to hack, even if it’s unique to you.”
Tips to stop the scammers
Ms Jones has identified five top tips to help small businesses protect their data. These include:
- Protect your passwords! It comes down to poor password management, so start using a password manager and enable two-factor authentication.
- Check your digital identity by doing a quick search on Google. Check where your personal information like email and phone number are published and consider removing them if they don’t need to be there.
- Don’t get tricked! Avoid being tricked by making a call to the business you’re paying and check it to confirm before you pay the invoice.
- Don’t think it won’t happen to you! Scammers don’t discriminate on size, they can hit thousands of small businesses at the same time.
- Get cyber fit! Cyber fitness is all about taking small, incremental steps to improve your cyber security every day. First step is to understand what you have to lose and what tech you rely on. What data do you have and what is valuable?