The top 8 biggest security issues small businesses must know about

logo
Featured On

EntrepreneurForbesBuisiness InsiderAxios

Well, it’s National Cyber Security Awareness Month, or NCSAM for short. While we’re always up for an excuse to talk about increasing security awareness, we’re super excited that there’s actually an entire month dedicated to helping people and businesses become more educated about their digital habits. For better or worse, our devices dominate our lives. According to thenextweb.com’s Digital Trends report, the average Internet user spends 6 hours and 43 minutes a day online. That means that most people spend 40% of their waking hours using the Internet. And during that time, most people aren’t paying much attention to their security habits. After all, it’s no fun to play it safe when you see Facebook ads promising free tickets to anywhere in the world. It’s also not so convenient to stop and think before opening email attachments. And who’s got time to read each and every Terms of Service and Privacy Statement?

It’s the little things

But little things can become big threats especially to small businesses. Poor Internet habits can make or break how safe you business is on the Internet. And with cyber crime damages expected to reach $6 trillion by 2021, it’s high time for you to take a stand for your businesses’ security. So to help raise awareness, we present to you the top 10 biggest security concerns online today. These are all issues that are rampant and affect everyone, so you really need to keep an eye out for them — all the time. The more you know about them, the better prepared you’ll be to recognize and handle them.

The top 8 security concerns

  • Social engineering - The psychological manipulation of people, rather than computers or devices. An adept social engineer is basically just a con man who can get people to divulge almost any information, in almost any scenario. Phishing attacks and deepfakes which use impersonation to trick their victims, are responsible for more than ⅔ of all cyber attacks. Any time anyone asks you for information, assess if it makes sense to give it over. If you’re not sure, don’t do it.
  • Crypto Jacking – Crypto-jacking, which has been on the rise for the last year, is the unauthorized use of your computer CPU by another entity to mine for Bitcoins or other cryptocurrencies. Victims become infected by clicking on malicious attachments and links which execute the coin mining code. Crypto-jacking attacks are very subtle and tend to go unnoticed for long periods of time. Though crypto-jacking attacks aren’t after your data, they are very taxing on your CPU resources and will kill your computer far faster than any regular use would. Anyway, no one should be able to access your computer other than you and others with your permission. As mentioned, it can be hard to detect crypto-jacking, but if you notice a change in your computer’s performance, crypto-jacking could be the culprit.
  • Social media scams – Who doesn’t love social media? Well, anyone who’s been really burned by a social media scam, that’s who. Social media platforms, from Facebook to LinkedIn to Instagram and everything in between, are riddled with scams intended to help victims and their money or data part ways. Be sure to watch out for scams such as romance/catfishing scams, lottery scams, quiz scams, profile hijacking scams, and prize/gift card scams. When you come across them, be smart and keep your distance.
  • Identity fraud – Also referred to as Identity theft, this is when someone pretends to be you, using your personal information, such as your social security number and date of birth. The Internet has unfortunately made collecting sensitive data easier than ever. As recently discussed in a past blog post, never provide personal information , unless it’s your employer or the IRS. And remember that any email you get from a business asking you for personal info is most likely a phishing email — so just chuck it. 
  • Ransomware – Ransomware infections continue to be a big threat as well. In fact, experts say that attacks are becoming substantially worse than those of the past. For example, look to GandCrab which has had many iterations, each one packing new and terrifying features into its build and SamSAM, which cost the city of Atlanta GA, $2.6 million to clean up. Ransomware packs a wallop, so remain on guard. Businesses especially have to be on guard; according to csoonline.com, the number of ransomware detected in business environments rose by 365%
  • The expanding attack surfaceSay wha? You may have come across this term and been quick to dismiss it as marketing hogwash, but it’s actually worth your consideration. When experts talk all nervously about “the expanding attack surface”, they are referring to the fact that we are so inextricably “connected” in so many ways that we almost make it easy for attackers to get us. Our phones, watches, tablets and other connected whatever likely have some kind of vulnerability, and the more we have, the more ways we can be hacked.
  • Phishing – Phishing ploys via email campaigns are always on the rise and in 2019 65% of US organizations experienced a successful phishing attack. Phishing attacks are typicall conducted via email, but there are also plenty of smishing (phishing via SMS messages), and voice phishing over the telephone (vishing) attacks taking place. The takeaway is for you to be extremely careful about the attachments and links that your receive via emails, texts, and social media.
  • Online shopping – You probably do a whole lot of shopping online and though you hopefully know enough to stick with known retailers like Amazon and Walmart, you might be drawn to sites offering goods at lower prices. While some of these sites are legit, a whole lot aren’t. Look for the https and padlock before making your purchase – if there is no “s” or padlock next to the URL, head elsewhere. And even if the site does have those indicators (which means your web traffic is secured and cannot be intercepted by attackers) it’s still a good idea to do research on the site to ensure it’s not a scam.

Take Responsibility!

Today, security is everybody’s problem; The good news is that when you know more, you can do more to help keep yourself and the people you care about secure. And there’s no better time than during NCSAM to create some smarter digital habits going forward. Download RAV Endpoint Protection today.