In 2017 Australians lost $340 million to scammers, according to the Australian Competition and Consumer Commission (ACCC) 2018 Targeting Scams Report, equating to a $40 million increase compared to 2016. Today, more than 200,000 scam reports have been submitted to the ACCC, Australian Cybercrime Online Reporting Network and other federal and state-based government agencies.
With the rapid rate of digitisation and our ever-increasing reliance on services to store valuable information, cybercriminals are given more incentives than ever to work their way into your data and make use of it for personal gain.
Previously, successful cyber attacks (say, through someone’s email account) had access to the data of one person. While that’s concerning enough, the integration of our digital environment has multiplied this threat immensely. If your small business uses shared drives, cloud services (like Dropbox or Google Docs) or servers, it takes just one weak link in your cybersecurity chain for highly sensitive company-wide information to be compromised.
Phishing attacks are tech savvy attempts to trick you into sharing personal information such as bank accounts, passwords and credit card numbers. These attacks come from scammers pretending to be legitimate and genuine businesses and you can be contacted via email, social media, phone calls or even a text message.
According to Webroot’s Mid-Year Threat Report, phishing attacks have risen by more than 60 per cent from January to June 2018. It continues to be an effective method of breaking into small-business networks, taking one person to be fooled and the threat actor to obtain all credentials and perpetrate data. This attack can have tremendous consequences ranging from reputational damage, financial losses and even legal action.
Cybercriminals don’t stand still. It’s worth their time and effort to seek innovative ways to break digital defenses of small businesses, so it’s important to keep protected.
Here are my top tips for keeping your small business safe from phishing attacks.
Dan Slattery, Senior Information Security Analyst, Webroot