What is phishing? And no, we’re not talking about the activity of catching fish for food or sport. Phishing, spelled with a ‘ph,’ is an ever-growing concern defined as the “technique for attempting to acquire sensitive data, such as bank account numbers, through a fraudulent solicitation in email or on a web site, in which the perpetrator masquerades as a legitimate business or reputable person.”
But why is phishing especially harmful to small businesses? Why are they being targeted? We have all the answers and more, thanks to Brenda Jo Robyn, founder of Competitive Edge Insurance.
So, welcome to ‘Why is Phishing the #1 Thing Killing Small Businesses?’ We hope you stick around to learn something new, including how you might protect yourself as a small business owner.
What is Phishing?
Today, phishing can come in a variety of forms. According to Brenda Jo, phishing is “any activity that compromises your organization’s security… It can come in the way of an email or a text or an application.” These applications that retrieve your data can be on your computer, phone, even your iPad. Scammers target you and ask questions to get your information in really creative ways.
An Example of Phishing
Let’s say you receive an email that you’ve been expecting from Bank of America. Why not just ignore it? Well, because…
“It looks like you really should open it. [After all,] it’s a secure document for the bank you’ve been working with lately,” says Brenda Jo. The culprits know you’ve been waiting for this specific type of document to arrive in your inbox because they’ve been screening your emails.
“So, now they have captured that you’re working with this bank and now this bank is sending you a secure document that you need to open… You open it out of their Google docs, and all of a sudden, bam, you got a worm or a virus on your computer,” says Brenda Jo.
“That’s going to either start going through all your files and looking for stuff. They’re gonna track your emails or they’re going to track your keystrokes.”
Phishing is huge right now. Brenda Jo continues. “I can’t stress enough how important it is to make sure that your computers and data is secure from others. There are a lot of what are called ‘bad elements’ or ‘bad actors’ out there that are trying to steal your data… Right now data is money. And the more data you have, the more money you can make.”
How Dangerous is Phishing for Small Businesses?
The statistics speak for themselves. Right now, 60% of small companies that have been hit by a cyber attack are closing their doors within six months. The reason? It is very costly to come back from a cyber attack.
Most small businesses don’t have the collateral, backing, or lines of credit to make themselves whole again after an attack of this caliber.
How Can Small Businesses Protect Themselves from Phishing?
Focus on training.
- Training your employees: (For example, they need to know how not to send excel spreadsheets emails! Instead, create a zip file or convert the document into a PDF. Why? It is very easy to scrape data from an excel file while in an email.)
- Training IT: They need to know what to look for.
Due diligence is the bare minimum. Document your training and go over it on a weekly or quarterly basis. Next, ensure your IT systems are multi-layered. This means not only having firewalls on your computers and servers but also helpful, educated IT personnel available.
Develop a Planned Crisis Response
A planned crisis response includes a cyber liability policy. As Brenda Jo says, “one of the things that kills the small business is the lack of PR or response to their clients and/or vendors when a phishing attack occurs and data has been compromised.”
“It’s very expensive to go and let everybody know, ‘Hey, your information was taken and here’s the year’s worth of credit monitoring’”—especially if the data is health-related.
You might face both federal fines as well as fines from the state government. The costs add up, and that’s where cyber liability comes in to help.
Reach Out to Competitive Edge Today
As you look at your coverage, think of the potential for cybersecurity issues, evaluate your tolerance for risk, and take the time to look at your policies in detail. As experts, we at Competitive Edge can tell you where you are vulnerable and what the risk might cost you. It is then your decision to accept the risk or mitigate it with coverage. You know what we would do.
Interested in learning more about the dangers of ransomware and why the need for cyber liability coverage is increasing? Read on in cyber liability coverage for the new era of ransomware.