Jorge T. is a 69-year-old small-business owner in Arizona whose online shopping has increased due to the pandemic. He regularly goes online to shop for supplies to sell his DIY recreational vehicles. Recently, he shared with me his experience with a phishing scam that he was able to stop in its tracks early. He shared, “I noticed my bank account was charged for strange amounts by a company with a different public name. I called my bank to confirm and turns out I was in the middle of being scammed.”
Luckily, this was not devasting to Jorge because he immediately took measures to stop the attackers from taking any more money from his business. This is just one of thousands of examples of scams that happen daily to everyday consumers, particularly small-business owners.
The Cyber Readiness Institute reported that businesses with fewer than 10 employees continue to underestimate cyber threats even as more people work remotely. This is a big problem because smaller businesses are the most vulnerable.
It is true that many small businesses do not have the same resources as larger businesses, such as cyber insurance, dedicated IT departments or even a culture of cyber readiness with their workers.
A cyberattack can be financially devastating to small-business owners, especially during the COVID-19 crisis. To make matters worse, small-business owners do not find out about a cyberattack until it is too late. According to the Cyber Readiness Institute, 58 percent of cyberattack victims are small businesses.
Cyberattacks on small business owners during the COVID-19 crisis are on the rise.
Microsoft issued a warning to businesses and individuals about of the risk of cyberattacks that prey on people’s health concerns using pandemic-related content. According to Microsoft, they found that among millions of global phishing emails, around 60,000 were related to COVID-19, with the senders pretending to come from official organizations such as the World Health Organization.
What should small-business owners do?
Here are some tips to get your small business cyber-ready:
- Keep a close eye on email senders. Many phishing scams come in the form of emails. Check the sender’s email address — that is usually where you will get your first clue. Block the email if you believe it is a scam.
- Strengthen your password practices — avoid reusing old passwords. Implement lockout policies to prevent hackers from running codes to get into an account. Usually, this can be set up in the settings section of your email service.
- Create an incident response policy for yourself and your team. Hire cyber specialists to provide training or research online for best practices. Develop a culture of cyber-readiness.
- Invest in malware protection for your computer systems, cyber insurance to protect you from revenue loss, and utilize cloud storage systems with strong security protocols.
The digital future has been accelerated by the COVID-19 crisis and small-business owners can still find ways to protect their own future. Good cyberattack-prevention practices should focus on using secure passwords, updating operating systems, understanding the tricks of bad actors, and prohibiting the use of USB memory sticks and other removable storage devices.
Doing these small adjustments will go a long way to prevent cyberattacks in your small business.
EDGAR RAFAEL OLIVO is a bilingual business educator, economic advisor and contributor for several media outlets. He’s a non-profit executive who is passionate about education. He is certified in finance and data analytics and holds a business degree from Arizona State University.
Para la versión en inglés de este artículo, haga clic aquí.