Cybercriminals are well versed in finding prime targets to execute their attacks – and small businesses are considered ripe for the picking. Many SMEs consider themselves to be safe since they employ a ‘security-by-obscurity’ policy – they feel like since they are not a large organisation hackers will not find them nor benefit from targeting them.
It has been discovered that only 58% of small businesses are concerned about a cyberattack. That’s a very large portion of organisations which are not defending against this very real threat. It is however rather the contrary – 43% of cyberattacks have been found to target small businesses, and this is an increasing number.
Incidentally, 91% of cyberattacks start with a spear-phishing email. A spear-phishing email is personalised to the victim. It’s clear that this is a large problem many small businesses mistakenly neglect – shown by the fact that 48% of SMEs declared they had a data breach in 2018.
Interested in finding out how susceptible your sector and country are to phishing? OpenPhish run a very interesting Global Activity Map showing worldwide phishing activity live on screen. Click here to be taken there!
So, what else makes your business a prime target for phishing attacks?
Being a financial organisation: The amount of financial organisations targeted by phishing attacks is very large, and the amount of cyberattacks against such organisations is ever increasing. If you are handling a lot of sensitive data, be sure you will appear as a tasty meal for hungry cybercriminals.
Sales/marketing employees: Phishing scams are targeted against individuals who may not know what a phishing attack looks like – and the job role with the highest risk ratio in this regard is sales/marketing.
Senior employees likely to be untrained against phishing attacks: While attackers often target individuals who are lower down in the corporate ladder – senior employees and management are just as big a target. These employees may be targeted due to their holding of more sensitive information and the likelihood of having more access to the systems of the organisations.
Assent can help you with protecting organisation – providing Cyber Security Consultancy, infrastructure monitoring, and Employee Awareness training programs and services. Contact us for a free consultation.
See also: Top 5 risks to Cybersecurity in 2019
Phishing: Are you a target?