Small businesses are losing thousands to scammers every year. Here’s what business owners can do about it, says Susie Jones, co-founder and CEO of Cynch Security.
The start of a new financial year is often a time small business owners put new processes and plans in place to ensure more revenue growth. As a small business owner myself our team is always thinking about what our next big goal will be.
One thing that small businesses struggle with is protecting the revenue that’s already in the bank. The ACCC’s targeting scams report shows businesses lost $132 million to scams in 2019.
Scamwatch alone received almost 6,000 reports from businesses last year with $5.3 million in reported losses. Invoicing scams and business email hacks were the top commonly reported type of scam which includes business email compromise scams.
It doesn’t matter how big or small your business is, scammers don’t discriminate on the size of your business or where you’re located. Many people will think their own process for creating passwords is safe, but it’s not. Always using a single password with different letters or numbers on the end won’t protect you. Anything easy to remember is easy to hack, even if it’s unique to you.
What does the invoicing and email hack scam look like?
Scammers can buy a reused username and password within your business over the internet or they will do this to a supplier you work with and start impersonating them. They will then send fake invoices to you from a vendor, or impersonate you to a client, with new bank details and even set up forwarding rules on your emails. Before you know it you or your client has paid a scam invoice that you thought was for one of your real vendors or clients.
The fact is, the average small business has only addressed 5% of their cyber risk.
As we start a new financial year here are five things you can do quickly to help improve your businesses cyber security:
Protect your passwords! It comes down to poor password management so start using a password manager and enable two-factor authentication
Don’t get tricked! Avoid being tricked by making a call to the business you’re paying and check it to confirm before you pay the invoice
Don’t think it won’t happen to you! Scammers don’t discriminate on size, they can hit thousands of small businesses at the same time
Get Cyber Fit! Cyber fitness is all about taking small incremental steps to improve your cybersecurity every day. First step is to understand what you have to lose and what tech you rely on. What data do you have and what is valuable?
Small business owners can take an online survey then enrol in a Cyber Fitness Bootcamp to help them understand the risks and what they can do now to protect their business.