With the changes COVID-19 has thrust upon our world, it is important that small business owners understand the value that their customers place on the data that they’re giving them. We can no longer go to a pub without pulling out our phones and signing in with tech, so data security concerns are now right at the front of customers’ eyes, yet still at the back of business owners’. The size of the threat facing us in 2021 is much greater, with reports to Scamwatch up almost 25 per cent in 2020. Cyber criminals looking for ways to exploit the new digital economy have found them.
Every type of business from retail to professional services had to move online in 2020 to service the needs of their customers, and as a result, small businesses now store their most important data on digital platforms that, oftentimes, aren’t very secure. Concerningly, almost 20 per cent of small businesses spent $0 on cyber security over the past 12 months, despite research showing that business owners consider cyber security as more important than physical security.
The latest data shows that two out of every five small businesses experienced a cyber attack, so now is the time to get on top of it. It’s time to review platforms and systems, assess what scams or cyber attacks might pose the biggest risk to your business, and take steps to improve the protection of this information.
The most common scams targeting accountants are:
- Business email compromise (using stolen or easy-to-guess email usernames and passwords to access and redirect your emails) that leads to invoice scams or data theft and breaches.
- Ransomware attacks through phishing email campaigns that result in cyber attackers attempting to extort ransom payments in exchange for regaining access to your systems and files.
- Identity theft is also prevalent, with scammers posing as trustees and other financial or legal representatives in order to access trust funds.
For all accountants and small business owners, the most important thing to do is to understand what risk you currently face.
First 3 steps to take
- List all the places you store data (e.g. Google Drive, Hootsuite, Shopify etc) — 84 per cent of Australian business owners rely on 30 separate technologies!
- Check whether these different host platforms share the same passwords, and change them. Anything that’s easy to remember is easy to hack. When hackers use a password-cracking tool, nine-character passwords take five days to break, 10-character words take four months, and 11-character passwords take 10 years!
- Turn on multi-factor authentication on everything! Using multi-factor authentication can block 99 per cent of account hacks!
Luckily for us, cyber security is not a tech problem, it’s a human problem. We expose ourselves to risk through using the same, weak passwords or opening a dodgy-looking file. By being more aware of digital risks and making a few changes, we can greatly protect ourselves against a cyber threat.
Susie Jones, co-founder and CEO, Cynch