Small businesses are popular targets among online criminals. While large companies being hacked make the headlines, the truth is that many fraudsters target small businesses because they’re typically ill-prepared for a complicated cyber attack, according to a study conducted by Manta, an online resource for small businesses.
Small businesses need to be proactive
CNBC reported that 14 million small businesses were hacked in just 12 months. An event like this can disrupt business for days and have a devastating effect on a company’s financial stability. An analysis from the Association of Certified Fraud Examiners found that $3.2 trillion are lost to fraudsters annually. Additionally, as of the first quarter of 2016, $7 out of $100 are subject to fraud, according to PYMNTS.
Clearly, there is a great need for small business owners to become educated about the risks that online criminals pose to them, and how to lower the chances of their becoming a target.
According to Computer Business Review, phishing scams are quickly becoming a favored approach for hackers to infiltrate a business. In these scenarios, an email containing a malicious link is sent to the victim, who then clicks on the link. In other cases, the email might request sensitive information to be included in the victim’s reply. These instances usually end with the victim transferring money into a false bank account, or otherwise handing funds over to the criminal.
How to spot a phishing scam
Though these fraudsters are clever, small business owners and consumers alike can keep a few things in mind whenever they check their emails. Phishing attempts usually include these red flags:
- Odd or unfamiliar email addresses. Fraudsters may obtain a legitimate email address that you might be familiar with, and use a very similar address. Be sure to always double-check the email address you’re communicating with.
- Incorrect URLs. The goal here is to trick you into thinking you’re headed to a familiar site or a trusted login portal, CIO pointed out. Always review the URL and never click on a suspicious link. Before clicking on anything, make sure the URL matches that of the site it says you’re being directed to.
- Generic language, poor spelling or bad grammar. Most legitimate businesses have some sort of process by which outbound communications are edited and proofread. If you notice poor spelling and grammar, it’s unlikely that the email went through any sort of review process.
Getting out in front of fraud is difficult yet highly important. By learning how to detect attempted fraud, you can save your business from a harmful attack.