15 Aug 2016

As previously reported, the latest trend in hacking is still on the rise in which hackers are foregoing big companies and targeting the small guy.

As BlackHatters have become more sophisticated, so, too, have their earliest victims – larger businesses and financial institutions. While that was good news to smaller businesses, it, unfortunately also caused them to fall behind the cybersecurity bell curve, thus making themselves weaker prey.

A new, effective scam was first reported last week by The Wall Street Journal, in which cybercriminals are essentially re-routing legitimate purchases to their own back accounts. Hackers first hack into the email accounts of either suppliers or purchasers so that they can have access to entire email trails.

Their ultimate goal is to find all the big dollar transactions. Once they identify those transactions, all new correspondence from the big customers are auto-forwarded to a phony email account that has been set up by the hacker to look like it came from a company executive and/or supplier. Once the criminal has contact with the legitimate buyer, the hacker then gives the target fraudulent bank account information in which to transfer the “payment.”

Small businesses are not generally as savvy at picking up on fraudulent emails as bigger businesses. Additionally, small businesses tend to use cloud-based email accounts, which are cheaper than those with dedicated servers, but that low price comes with an increased risk of being compromised.

Additionally, it doesn’t matter which company’s email the bad guys get ahold of because both sides of the emails can be seen. So even if your business has strong security, if you are doing business with a less sophisticated company, you are at risk.

In fact, a June report from the FBI stated that, in the US alone, more than 14,000 businesses have reported combined losses of close to $1 Billion since 2013, and there has been a 1,300% increase since just last year.

While you may not be able to stop a hacker from targeting your small business, there are ways for you to protect yourself:

  1. Use Strong Passwords. You should not reuse or repeat passwords; with all of the compromised social media accounts, it is easy for hackers to steal passwords. F
  2. Implement Payment Verification Policies. Make it a policy that you and/or your employees must verify purchase orders or payment requests, ESPECIALLY IF THEY ARE ASKING YOU TO SEND THE PAYMENT TO A DIFFERENT BACK ACCOUNT. All it takes is a phone call.
  3. Use Business-Grade Security Software. Well known security software includes McAfee, Symantec and Webroot, all of whom have the ability to identify suspicious behaviors.
  4. Use Secure Email Servers. Virtual Private Networks (VPN) offer more secure network connections. If you are unable to purchase one of your own for $5,000, you can lease one for $5 to $100/month. VPN’s are effective at protecting against minor hackers
  5. Require Employees to Enable Two-Factor Authentication. If a hacker attempts to login on an unrecognized server, you or your employee will be notified and the hacker will not have access to the unique verification code, thus thwarting the attempt.
  6. Don’t Hesitate. If you are targeted, contact authorities immediately.
  7. Use Small Business Resources. The Small Business Administration has a great, free tutorial available regarding small business cybersecurity.

Schedule an Appointment

Schedule an Appointment

    Our clients are awesome!

    Based on 55 reviews.
    Jeremy Richards
    Jeremy Richards
    2020-03-13
    Petronella provides great advanced digital marketing and automation solutions for my business!
    Kate Swenson
    Kate Swenson
    2020-02-14
    Highly recommended for CMMC certification assistance! Excellent and affordable options for secure data hosting on local infrastructure. 5 stars!
    Tom Matzen
    Tom Matzen
    2020-01-25
    Petronella Technology Group helped us setup our sales and marketing automation, cybersecurity and compliance for our new Blockchain startup. Great to work with! Craig in particular really knows his stuff, can translate into non-tech speak, and has wisdom beyond his years. Highly recommend them.
    Justin Summers
    Justin Summers
    2020-01-14
    Craig is awesome! He is very professional and efficient with his work. I would definitely recommend Petronella Technology to anyone who needs state of the art service.
    Blake Rea
    Blake Rea
    2020-01-14
    Craig is an expert in his field. Impressed by his knowledge, A true pioneer in Cybersecurity. My business is safer thanks to Petronella Tech!
    Robert Friedman
    Robert Friedman
    2020-01-10
    For the last five years Craig has been the Contributing Editor for Cybersecurity for NC Triangle Attorney Law Magazine which I publish. His base of knowledge is always leading edge, pragmatic and early to understand for our readers who are not techies. He is patient and easy to work with.
    Tammy Everett
    Tammy Everett
    2020-01-10
    Craig Petronella, CEO of Petronella Technology Group provided the members of the Defense Alliance of North Carolina expert advice on cybersecurity and NIST compliance. Eye opening experience! Thanks so much!
    Julie Brown
    Julie Brown
    2020-01-09
    Craig and the Petronella Technology Group, Inc. team made HIPAA compliance for my small practice so simple and easy! They helped me with all of my HIPAA training, HIPAA Security Risk Assessment, Penetration Test, and HIPAA secure hosting so I can rest easy.
    Pivot Point
    Pivot Point
    2020-01-03
    Petronella Technology Group helped us with our marketing strategy for our new web startup. Awesome experience!!!!
    Richard Brunet
    Richard Brunet
    2019-12-30

    SCHEDULE AN APPOINTMENT

    Make It Happen Now

    CLIENT SUPPORT

    Don't Feel Stranded

    CONSULTATION

    Get Best Advice

    PAYMENTS

    Make A Payment

    Top