There are some simple steps you can take to protect your small business from cybercrime and keep your online information safe.

43% of all cybercrime targets small business, so it’s important you take measures to protect yourself and ensure your business’s and your clients’ personal and financial information is safe from online attacks.

Below are a few tips to help your organisation avoid cybercrime and ensure online safety:

1. Privacy

Take protecting your business seriously—do not share passphrases or keep sensitive business or customer data on computers outside your control.

Take responsibility for making your team understand information security, and include this in your business plan. Refer to the Implementation Guide available on the Stay Smart Online website for actions that help maintain the confidentiality of information within your business.

 

2. Passphrases

Passphrases are a series of words that are longer, easier to remember and harder to guess than traditional passwords. However, you should avoid using passphrases drawn from dictionaries or that may be relatively easy to decipher.

Tell your employees to create passphrases for their online accounts. Advise them to use two-factor authentication or verification for additional protection.

 

3. Awareness

Staying smart online is not just about you and your team; it’s about insisting your business partners and suppliers, and even your family and friends, stay up-to-date with the latest scams, spam and internet threats.

Awareness also extends to being on the lookout for suspicious messages, including:

  • Phishing emails or text messages (these messages try to lure you into providing your passwords, online banking details or other sensitive information),

  • Spam (unsolicited advertising or promotional messages), and

  • Fake telemarketing calls requesting personal or financial information.

 Look for the padlock symbol in your browser address bar and ‘https’ at the start of the website address when visiting sites. Also manually type website addresses into your browser’s address bar and check that the address displays properly with no added letters, numbers or symbols.
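For whoever looks after IT in the business, the same address checks can be automated. This is an added example, not part of the original guide; the list of known sites and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed list of the sites this business really uses (an assumption).
KNOWN_SITES = {"www.staysmartonline.gov.au", "bank.example.com"}

def edit_distance(a, b):
    """Count single-character additions, deletions or substitutions between a and b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_address(url, known_sites=KNOWN_SITES):
    """Return warnings for a web address; an empty list means nothing was flagged."""
    warnings = []
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").lower()
    # The guide's first check: 'https' at the start of the address.
    if parts.scheme != "https":
        warnings.append("no https")
    # Anything before an '@' is not the site; the real site name follows it.
    if parts.username is not None:
        warnings.append("real site is after the '@'")
    # Look-alike letters from other alphabets, or their encoded 'xn--' form.
    if not host.isascii() or "xn--" in host:
        warnings.append("unusual characters in site name")
    # The guide's second check: added letters, numbers or symbols in the name.
    if host not in known_sites:
        for site in sorted(known_sites):
            if edit_distance(host, site) <= 2:
                warnings.append(f"looks like {site} but is not")
    return warnings

if __name__ == "__main__":
    # Constructed sample addresses.
    for url in ["https://bank.example.com/login",
                "http://bank.example.com/login",
                "https://bank1.example.com/login"]:
        print(url, check_address(url))
```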

4. Network and device security

Having antivirus software that is updated regularly is a good start, as well as setting your systems to automatically update software.

Insist workers lock their devices with PINs in case of loss or theft and limit business information stored on them. Treat any network that your business does not control as insecure, particularly public Wi-Fi. Educate your workers to be wary of plugging unknown USB drives into their computers as these drives may contain viruses.

Keep your security software up to date and back up your data to devices or locations isolated from your corporate network.

 

5. Backups

Not backing up your data can cost you your business.

Business data includes accounting files, invoicing and quoting systems, letters and emails, information and resources, and even your website files.

Take your backup offsite or store it securely, like other important documents. Test your backup system regularly to ensure that it restores all information correctly.
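One way to test a restore, shown as an added example that is not part of the original guide: record a SHA-256 fingerprint of every file when the backup is taken, restore to a spare folder, and compare. The folder names and file contents in `demo()` are constructed sample data.

```python
import hashlib
import tempfile
from pathlib import Path

def file_hashes(root):
    """Map each file under root (by relative path) to its SHA-256 digest."""
    root, hashes = Path(root), {}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        digest = hashlib.sha256()
        with path.open("rb") as fh:
            for chunk in iter(lambda: fh.read(1 << 20), b""):  # 1 MiB at a time
                digest.update(chunk)
        hashes[path.relative_to(root).as_posix()] = digest.hexdigest()
    return hashes

def verify_restore(manifest, restored_dir):
    """Compare a test restore against the manifest recorded at backup time."""
    restored = file_hashes(restored_dir)
    both = manifest.keys() & restored.keys()
    return {
        "missing": sorted(manifest.keys() - restored.keys()),
        "changed": sorted(p for p in both if manifest[p] != restored[p]),
        "unexpected": sorted(restored.keys() - manifest.keys()),
    }

def _write(root, files):
    """Helper for the demo: create files (relative path -> bytes) under root."""
    for rel, data in files.items():
        target = Path(root, rel)
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(data)

def demo():
    """Constructed sample: a small data set and a faulty restore of it."""
    with tempfile.TemporaryDirectory() as tmp:
        live, restored = Path(tmp, "live"), Path(tmp, "restored")
        _write(live, {"accounts/invoices.csv": b"id,total\n1,120.00\n2,75.50\n",
                      "letters/quote.txt": b"Quote for client\n",
                      "website/index.html": b"<h1>Home</h1>\n"})
        manifest = file_hashes(live)          # taken at backup time
        _write(restored, {"accounts/invoices.csv": b"id,total\n1,120.00\n",  # truncated
                          "letters/quote.txt": b"Quote for client\n"})       # site file lost
        return verify_restore(manifest, restored)

if __name__ == "__main__":
    print(demo())
```

Store the manifest with the backup rather than recomputing it from live data, since live files keep changing after the backup is taken.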

Common Online Threats

Spam

Unsolicited email. Most spam is commercial advertising, often for dubious products, get-rich-quick schemes, or illegal services. Users are advised that if an offer in an email appears too good to be true then it probably is and should not be actioned in any way.

Scareware

Malware that causes frightening messages to appear (for example, that your computer is infected with malware or that you are guilty of a crime), and attempts to extort money from you to resolve the alleged issue. Similar to ransomware.

Malicious Software (malware)

A catch-all term used to describe software designed to be installed into a computer system for the purpose of causing harm to you or others. This would include viruses, spyware, trojans, worms, etc.

 
Phishing (email/website)

Fraudulent email messages or web sites used to deliver malicious content (such as malware); or gain access to personal information for illegal purposes such as transferring funds or purchasing goods over the internet.

Virus

Malware designed to infect and corrupt a computer and to copy itself. Viruses can disrupt programs installed on a computer.

Adware

Software that is covertly installed on your computer and designed to deliver advertisements or other content which encourages you to purchase goods or services.

 
CryptoLocker

A particularly malicious type of ransomware which, once installed on your computer, encrypts and locks all of the files on the infected computer including documents, photos, music and video. A pop-up window will then display on the computer screen requesting payment of a ransom in return for a CryptoLocker key to unlock the encrypted files. Paying the ransom does not guarantee removal of the CryptoLocker.

Spyware

Software that is covertly installed on a computing device and takes information from it without your consent or the knowledge of the user.

Keylogger

A keylogger is a program that records the keystrokes on a computer. It does this by monitoring a user’s input and keeping a log of all keys that are pressed. The log may be saved to a file or even sent to another machine over a network or the Internet. Keylogger programs are often deemed spyware because they usually run without the user knowing it.

For more information on how to protect your small business from cybercrime visit www.staysmartonline.gov.au/get-involved/guides/smallbusinessguide
