Scammers use DocuSign API to send fraudulent invoices
CFOs, beware: cybercriminals are exploiting DocuSign’s legitimate business tools to deliver fraudulent invoices directly through trusted channels. This scheme is particularly dangerous …
Why is cyber security important for small businesses? Small to medium businesses face the impact of cyber security incidents each day.
According to the Australian Cyber Security Centre (ACSC) Annual Cyber Threat Report 2021-2022 there were over 76,000 cybercrime reports. This equates to the ACSC receiving one report every 7 minutes compared to the previous fiscal year which was every 8 minutes.
Anyone can be a potential target for a cyber attack which means you need to be vigilant. We recognise that Australian small business owners do not have the time or resources to dedicate to cyber security. That is why you must act swiftly and implement simple measures to combat cyber security threats.
We explore the essential small business cyber security guide such as key cyber threats, financial impact, and how we can help.
Australian small businesses are faced with all types of cyber threats. SMEs are mainly faced with a popular attack called ransomware. A ransomware attack occurs every 11 seconds making it the number one threat to small businesses in 2022, according to Savvy. Here are the top cyber threats in 2022 that small to medium businesses face:
Ransomware is a type of malware (malicious software) designed to lock down your computer or organisation’s sensitive files until a ransom is paid.
What can trigger ransomware?
Like social engineering, phishing is a fraudulent message designed to deceive employees into revealing confidential login credentials or sensitive information using electronic communication channels. Phishing attacks may target the following communication channels:
Below is an example of a phishing email:
Source: Mailguard
Top phishing statistics in 2022:
Malicious software, better known as malware, is any type of software that is specifically designed to make an organisation’s computer system install unintended functions, that aid cyber criminals in their malicious activities. Cyber criminals use increasingly sophisticated methods to infect targeted computer systems with malware which can result in:
Here are ten common types of malware:
Business email compromise (BEC) attacks are targeted attacks that aim to deceive accounts payable staff into transferring funds to a fraudulent bank account controlled by the attacker.
According to the ACSC, there are three common deception tactics that cybercriminals use associated with a business email compromise, such as:
Cybercriminals not only resort to emails when launching their attacks. Mobile devices are increasingly used, as they allow attackers to circumvent email security controls. Attackers achieve this by calling or texting people claiming to be from well-known businesses or government agencies like the ATO.
When identifying phones scams there are five that are commonly used:
If you receive a phone call or text that sounds too good to be true it may be an attacker attempting a phone scam. Other red flags include, an individual who is threatening you, asking to gain access to your computer for any reason or an unknown individual that has your personal details. If the phone call or text seems suspicious, rule number one is to never click on an unknown link and to never give out your personal details without verifying. Sophisticated attackers are always coming up with new ways to gain access to your bank account details like your credit card information or take control to commit fraudulent activities.
The costs of cybercrime extend far beyond any amount that has been defrauded.
The impact of a cyber security breach is far too substantial for most small businesses to recover from. For instance, the average reported loss by a small business was $8,899 while medium businesses lost an average of $33,442 to cybercrime, according to mybusiness. Australian business owners should recognise the direct and indirect costs that they could potentially face if security controls are not in place.
One of the most significant costs that must be factored into cybercrime is business disruption. This is also among the hardest to quantify in advance, as each case of cybercrime varies in impact and intensity. Costs may include:
When a small business is impacted by cybercrime, the resulting losses can have a detrimental impact on cash flow. other than losing bank accounts and loss of revenue, businesses may incur extra costs after a cyber security incident such as increased insurance premiums.
Small businesses that are impacted by a cyber security incident can have long-lasting effects on the business and reputation. Reputational damages involve:
The time is now.
The most effective way to protect your business is to strengthen your cyber security controls like multi-factor authentication and security software that facilitates continuous oversight and compliance monitoring.
By integrating Eftsure, you can safeguard your organisation’s financial assets from cybercrime with our fraud tech solution. Our solution is designed to alert in real-time each outgoing payment if there is a mismatch with a BSB or account number when processing an EFT payment. Allowing you to investigate any suspicious activity during the payment process.
For more information, download our cyber security guide for CFOs 2022 that can be used as the foundation of cybersecurity for small businesses. We explore a comprehensive guide on how to become involved in every stage of your organisation’s internal cyber security conversations, planning, and execution to mitigate a cyber-attack.
Contact Eftsure today, for a full demonstration of how we can protect your business in cyber security.
CFOs, beware: cybercriminals are exploiting DocuSign’s legitimate business tools to deliver fraudulent invoices directly through trusted channels. This scheme is particularly dangerous …
Because LinkedIn is used as a professional networking platform, account holders don’t use the same caution as they would on Facebook or …
Fraud can strike any time, but certain periods increase your business’s vulnerability to fraudulent activities. During these times, your teams may be …
Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.