4 Common Cyber Threats Every Business Owner Needs Protection Against

Not only are more customers shopping online since the pandemic, the majority of  purchasing transactions are recorded digitally. Protecting your business and customer data is now a must.

It’s time to educate yourself on common cyber threats and what you can do to avoid cyber attacks that can wreak havoc on your business.

1. Phishing

A phishing attack is almost like the cyber version of a con artist’s scheme — a malicious user sends you an email from what appears to be a trusted source (e.g. your bank). The emails typically create a sense of false emergency that urges you to click a link for a resolution and enter sensitive information, such as your banking username and password, account number, or social security number. When you do, your identity — and your bank account — are compromised.

More and more business owners, vendors, and employees put personal information on social media for anyone to access; this makes it easier for phishers to create highly personalized emails and websites. And with more people online than ever before, the chances of an attack are higher. In fact, the Federal Bureau of Investigation reported an increase in phishing attacks in 2020 with 241,342 compared to 114,702 in 2019. The FBI has also warned that there has been an increase in cyber criminals impersonating government officials.

Bottom line: Question and double check every source before sharing personal information.

2. Drive-by download

Did you ever think to yourself “as long as I don’t click to download anything, everything will be okay”? That’s not the case anymore with drive-by downloads. All it takes is visiting a website to initiate the upload of malicious software. Drive-by downloads often serve as a partner in crime to phishing emails, so simply clicking a link in an email can put you at risk.

Key takeaway: Only visit websites that you trust and don’t click any suspicious links.

All it takes is visiting a website to initiate the upload of malicious software. Drive-by downloads often serve as a partner in crime to phishing emails, so simply clicking a link in an email can put you at risk.

3. Malware

The malicious software mentioned in drive-by downloads is also known as malware, which is a term to describe software that can harm your computer or be used to gain access to sensitive data. The 3 types of malware you need to be aware of as a business owner include:

• Adware: This form of malware comes with free or pirated versions of software and launches ads or pop-ups when you’re using your web browser.
• Spyware: As it says in the name, spyware is designed spy on things like keystrokes when visiting certain website in order to steal passwords. Spyware can also update your security settings, which puts you more at risk for future attacks.
• Trojan horse: This type of malware appears as normal file or application on your computer. When it’s downloaded, the attacker gains access to your computer and the data stored on in. The data can include passwords, bank account numbers, and other personal information.

Any of these can cause serious damage, especially when attacking a computer that’s used to store customer information. That’s why it’s important to educate employees on these dangers and implement any guardrails, such as:

• An internet usage policy
• Anti-virus software

4. Point-of-sale hacking

When a transaction is made on these devices, there is a microsecond delay before that information is encrypted. That’s all the time hackers need to grab credit card information and send it to one or remote servers.

Have you been to a restaurant and the waitress brings an electronic credit card reader to the table? Or have you been to a retail store where the cash register has been replaced with a tablet that has an attached credit card scanner? These are point-of-sale (PoS) devices, and they’ve become the target for more high profile cyber attacks against small business.

When a transaction is made on these devices, there is a microsecond delay before that information is encrypted. That’s all the time hackers need to grab credit card information and send it to one or remote servers. And once they have access, they often scrape credit card information for months before it’s detected.

So how do they get access to the device in the first place? It’s likely the PoS is linked to any number of computers that can fall victim to one of the 3 cyber attacks above. Any stolen devices can also be hacked into to access the information.

You know the dangers — now learn how to protect your business 

Small businesses are the perfect prey for many hackers. That’s why it’s important to stay up to date on potential cyber attacks. Consider strengthening your cybersecurity with tips you can find in this additional resource: Why Your Business Needs a Security Breach Plan.

The Hartford and Zenefits have partnered to offer small businesses an easier way to shop for general liability insurance and workers’ compensation policies. Check out available options online for your business and get a quote today.