I worked in a corporate environment for around 30 years before I took a leap of faith and became an entrepreneur.
Having my own business is both a thrilling adventure and a learning process. As I’ve been building my business and leading my team, I’ve been able to implement my own cyber advice and protect my business data from Cybermonsters.
According to Cybersecurity Ventures: “Cybercriminal activity is one of the biggest challenges that humanity will face in the next two decades. Cyberattacks are the fastest growing crime globally and they are increasing in size, sophistication and cost.”
The statistics for how many companies go out of business or are significantly impacted due to cyber-attacks and data breaches are alarming.
43% of data breaches occurred to small businesses, and within 6 months, 60% of them were out of business.
Hackers, scammers and Cybermonsters use certain techniques to get you to divulge business information in order to carry-out their malicious intentions.
Cybermonsters take advantage of several situations and circumstances to create a set of attacks with the intention to break into your business:
- Special events: like the Olympics and the World Cup.
- Seasonal activities: like holidays or tax day.
- Times of uncertainty, fear and panic.
How exactly do they get access to your business data?
Social engineering occurs when cyber criminals will trick you into giving them critical information without your knowledge, rather than obtaining it digitally.
They may impersonate a government official or other authority, promise something of value, offer to help you, or threaten to reveal your secret information.
Let’s explore the two most common social engineering tactics Cybermonsters use: Phishing and Ransomware.
While “fishing,” or trying to catch fish, you may try to hook or trap the fish using bait to lure them in and capture them, “Phishing” is the activity of trying to catch you, and the techniques include a bait to lure you in.
Most phishing bait lives in your inbox. You could be clicking on a malicious link or an infected attachment. Hackers will also try to phish you through voice calls, text and social media.
For your business, hackers usually take this first step to carry out a targeted cyber-attack, getting your employees to click on a malicious link that gives them access to your network.
Ransomware is used as a form of extortion and it is one of the greatest dangers of the cyber world today.
Ransomware features malware or computer programs designed to lock/encrypt and deny access to your information. This encryption is unbreakable!
Ransomware mostly occurs via email, but it could also happen through compromised or insecure websites.
The hardest reality about ransomware is that paying the sum does not guarantee your data will be restored!
The biggest concern is that ransomware could spread to all the other computers connected in your business network, increasing the damage to your operation and in some cases disrupting your entire company.
In some cases, hackers exfiltrate your data including usernames, passwords, email addresses, and personal information. Encrypting your files for money might not be the only thing they are after.
How to protect yourself from social engineering
Being aware of social engineering is your best defense. Here are the two most important rules to safeguard against this danger:
- Invest in cybersecurity tools such as password managers, anti-virus, anti-malware, and software to validate whether a link or attachment is safe.
- Invest in cybersafety training for yourself, your employees and contractor, to know how to use these tools.
- Setup simple cybersecurity standards and policies to keep your business data safe. It may sound too obvious or common sense to such as not providing sensitive information to others; but it’s absolutely necessary and could save your business.
As a small business owner, I know how much your business matters to you. Well-meaning people fall for phishing and ransomware scams every day. Follow these steps to avoid being the next victim and jeopardizing your business.
Do you know anyone who has fallen for a phishing or ransomware scam? Share with us below!