Small Businesses Targeted More Frequently By Hackers Than Large Comapanies

People who own or work at small businesses are at a much greater risk of being attacked than employees of larger businesses.

Small businesses are now three times more likely to be attacked than larger companies according to the Top Threats & Trends from Barracuda Networks who analyzed million of emails from thousands of companies.

It was discovered that on average an owner or an employee of a small business will receive 350% more attacks than an employee of a large business, with the owners being at the greatest risk.

Hackers target the business owner so they can gather information about who their customers are, who their suppliers are and who they bank with.

Your data is more valuable than you may think, espcially if your business can’t operate without access to it.

Information gathering can take months and most business owners don’t know they have been targeted until it is too late.

Once the hacker has all the details of suppliers, customers and most importantly how much money is in the business bank account, they can block off your access to your computers and only unlock access after they are paid a large fee.

Barracuda Networks said their report examined current trends in “spear-phishing, which businesses are most likely to be targeted, the new tricks attackers are using to sneak past victims’ defenses, and the number of accounts that are being compromised successfully.”

Mike Flouton, the company’s vice president of product management, said the most surprising survey finding was that one in five organizations have had at least one account compromised in 2021 and 2022.

“Breaking this down further, this translates into almost half a million Microsoft 365 accounts compromise. That’s a lot of real estate for hackers to launch their attacks and spread laterally within organizations,” he observed.

“This also highlights how many organizations can be vulnerable without a right set of protection tools. Once inside, it can be especially difficult to detect an intruder until it’s too late and they have already acted,” Flouton said.

This is the reason we advise customers never to type in their account passwords anywhere, especially if it is in a link from an email.

Microsoft will never email anyone and ask for their password. It is always a scam.

“Hackers no longer rely solely on ‘traditional’ threats such as spam or malware, therefore traditional email filtering technology is no longer sufficient to prevent modern-day attacks. It needs to be supplemented with machine learning security to protect against all email threat types,” he said.

Flouton recommended that, “In addition to having threat prevention capabilities, it must also have the ability to detect and respond to threats post-delivery.”

This includes detecting the takeover of accounts, training end-users to recognize and report suspicious messages, “and the ability to automate response to these threats so they can be eliminated before they can cause damage,” he concluded.

Clients who are signed up to our Email Services already have the best email protection available.

If you would like to know more about how we can protect your small business from cyber threats, contact us here.

Try not to be complacent about security, especially if you receive any emails about passwords or bank account information.

Threats are evolving all the time and it is easier than ever to get caught out, especially when you are busy at work and under pressure.