A new report by Symantec shows that small businesses are increasingly the targets of cyber theft, with 36% of targeted attacks during the first half of 2012 directed at companies with 250 or fewer employees.
Many small business owners consider their business too small to be a target, which is a mistake because hackers know that small businesses have more capital than the average individual. “Cyber criminals are business people, too,” said Arild Jensen, owner of Secos Security, a Granada Hills, Calif., firm that specializes in cyber security for small businesses. “They’re going to go for the easiest, most rewarding target.”
Compounding the problem is that some service providers, including banks, do not afford the same protection to business accounts as they do to individuals. State and federal laws do not require banks to cover business accounts because they expect companies to employ more sophisticated security measures than individuals.
Related: Free Webinar on Secure Commerce - Data Security Essentials Every
Small Business Should Know on Friday, Nov. 16
That was the case for Michelle Marsico, who never thought about cyber security until her business was attacked. The escrow agency owner had a small office, with only three employees working on computers equipped with anti-virus protection and no Wi-Fi access.
It came to light that over the course of two and a half days, 26 wire transfers totaling almost $500,000 were sent from her account, without triggering any alarms from her bank. Marsico speculates that a slew of suspicious emails with attachments are to blame. When she opened the attachments, a blank page came up so she thought nothing of it. (Cyber thieves use these email attachments to install a virus on your computer that records your keystrokes, including your passwords, Jensen said.)
Now, Marsico is painstakingly careful about her cyber protection. Her new bank provided her tokens, a keychain device displaying a random numerical password that changes every minute, to authorize online wire transfers. With the help of her IT professional, the office has a closed network, which he monitors constantly. All computers are equipped with upgraded anti-virus software and very limited access to the Internet. After experiencing the consequences of a cyber attack, Marsico and her staff are more cognizant of the threat, never opening suspicious emails and changing passwords monthly.
“To think that you’re safe is the biggest mistake,” Marsico said.
Jensen said the best advice is, “In general, just be suspicious of everything.”
Read next: Don't be a victim of "Yellow Pages" scams
"Cloud Computing for Small Business" - Free Download