Cybersecurity Scams Targeting Small Businesses in 2022

Cybersecurity Scams Targeting Small Businesses in 2022
8 MINUTE READ

Cybersecurity Scams Targeting Small Businesses in 2022

With the rise in cyberattacks in recent history, many businesses are wondering what to look out for in the coming year. In 2019, most businesses transitioned to a fully-remote or hybrid working model, putting their systems at an even higher risk for cyber attacks. As of 2022, remote or hybrid models are the new normal for many in a world where cyber security issues are getting harder and harder to detect. There is an overwhelming amount of information available on what to look out for and ways to avoid a security breach. Our goal with this article is to simplify the top cybersecurity scams for small businesses in 2022 and provide proactive steps and key warning signs.

______________________________________
SKIP THE LINE:
1. Account Security Re-Authentication
2. Phishing Links
3. Account Takeover Attacks
4. Data Breach
______________________________________

1. Account Security Re-Authentication/Password Expiration

One of the most common trends in email phishing has been account re-authentication requests. Be very wary of these types of emails. Always ask yourself if it is something that you specifically requested. In the examples below, the user was prompted to click the link to reset their Microsoft password. There are a few key indicators that this email is suspicious. For example, Microsoft is typically connected to business computer logins for users and there will not be an email to reset your password. It will instead come in the form of a pop-up notification on the lock screen or desktop. Additional red flags to look out for include:

  1. Unknown Email Domains
    • Note: If you are viewing an email on a mobile device, always check the sender’s email address and do not rely on the name of the sender.
  2. Spelling Errors
  3. Unrequested Password Resets
  4. Suspicious Links
    • Note: Always check links by hovering over them, do not click them until you verify.
  5. Sense of Urgency Requests

Phishing Example Email

Phishing Example Email Password Expiration

2. Phishing Links

Another example of email phishing is a “document” sent by someone within your network that has been hacked. These can be tricky to spot, as they typically come through as legitimate email domains. The best course of action before clicking on any links is to call the sender to confirm that the document has been sent by them directly. Below, we have indicated a few key warning signs within an example email. Keep in mind, these emails can be formatted for your specific industry. For example, a construction company personnel’s email can be hacked and all of their contacts can be sent an email with a link to a “Request for Proposal”. This type of document is standard from the company, therefore harder to identify as spam.

Key Warning Signs:

  1. “Secure” Email or Link Identifiers
  2. Sense of Urgency Indicators (ex. “**NEEDS FINAL REVIEW**”)
  3. Spelling and Grammatical Errors (ex. “One Drive” instead of “OneDrive“)
  4. Links – Always verify by hovering your mouse over them, do NOT click until it is verified and examined closely.
  5. Sender Changes within Body of Email (ex. “sent to you by Marti Bannwarth”, but Marti Bannwarth was not the sender of the email)

If you ever have questions about a suspicious email, send it directly to your IT provider. Do not pass go. Do not collect $200… you get the point.

Phishing Example Email

3. Account Takeover Attacks

Account Takeover (ATO) is the malicious takeover of an account by a hostile hacker. This style of fraud has been growing over the last few years, especially for small to medium size e-commerce businesses. Under most circumstances, these hackers pose as one of your current buyers with the intention of making unauthorized transactions. These attacks can cause mistrust for customers and result in a decrease in sales long-term. There is also a possibility of the hacker gaining access to the sensitive data saved within your site. To reduce the risk of this threat, we always recommend that a business implements two-factor authentication.

Related Article: 3 Steps to Help Secure Your Systems Amid Worldwide Cyber Threats

Cybersecurity Attack Defenses

4. Data Breaches

The average cost of a data breach for small to medium size businesses with <500 employees is $2.98M. Although it can vary greatly based on the size of the business and security breach scope, almost $3M is no small sum to gamble with. Unfortunately, many businesses are seeing this affect their operations in today’s digital world. The first line of defense is a good offense. A strong cybersecurity team, whether in-house or through a managed service partner, is the best way to keep the hackers at bay. Ensure that all systems are secure by putting steps in place for all cloud systems, regular monitoring, and endpoint security protection.

CONCLUSION

The moral of the story? If you see something that looks suspicious, report it to your IT manager and do not click on anything. Even if it is a legitimate link, safe is better than sorry when it comes to the potential for millions of dollars in losses. Antivirus, Firewalls, and well-maintained technology are not a replacement for good cybersecurity training within your organization. Looking to train your team on the latest cybersecurity practices? Let the experts at Ford Office Technologies give you a hand at 1-800-633-3673 or by emailing info@fordtech.com

Join the Discussion

How document management systems help businesses

How Document Management Helps Business

7 MINUTE READ How Document Management Systems Help Business Document management is not a new trick and has been proven…
CONTINUE READING
Best Commercial Copiers in 2021

Top 5 Commercial Copiers and MFPs of 2021

8 MINUTE READ Ford Office Technologies Top 5 Commercial Copiers and Multi-Function Printers of 2021 As 2021 comes to an…
CONTINUE READING

Buyer’s Guide to Managed IT Services

Buyer's Guide to Managed IT Services The Buyer's Guide to Managed IT Services is a FREE eBook to help guide…
CONTINUE READING

Contact Ford Office Technologies

Share a few quick details to get a response from our support team.