Simple Email Habits Give Cyber Criminals an Edge

In an increasingly digital world, even the seemingly innocent action of sharing holiday plans in an out-of-office email could give cyber criminals an edge. At the recent 2023 SmallBiz Week conference in Melbourne, Australia, representatives from small businesses, as well as Telstra and Commonwealth Bank, gathered to discuss the escalating cyber threats faced by independent businesses. While the media spotlight often shines on major data breaches affecting companies such as Capita, Royal Mail, WH Smiths, TechnologyOne, Yellow Pages, Medibank and many others, the panel stressed that small businesses are equally (if not more) vulnerable to cyber crime.

Tim Smith, national membership manager for the Family Business Association, pointed out that though individual attacks on small businesses might involve smaller sums than those against larger corporations, the potential impact of successful cyber attacks could potentially be devastating. “Could your business afford to lose, ten, twenty, thirty thousand dollars?” Smith questioned, emphasising that for many small to medium sized businesses, the financial impact of a cyber attack could be enough to shutter their operations permanently. He further noted that cyber criminals are deploying increasingly sophisticated tactics to deceive business owners and employees into diverting significant funds into fraudulent accounts.

Smith recounted a chilling example involving a business CEO who had shared their holiday details in an out-of-office email. Exploiting this information, a cyber criminal impersonated the CEO, convincing another employee to transfer money into a separate account under the pretence that the CEO’s account had been locked due to overseas travel. The deception was successful, with the unsuspecting CEO waking up in Italy to find company funds depleted without explanation.

One2Call are working to help protect business across the UK from cyber threats just like these through a verity of solutions. These include, Active Email Threat Protection that monitors your business emails to ensure their legitimacy, protecting you from phishing attacks as well as other more sophisticated social engineering attacks, using unique passwords for each digital account and business software system, ensuring processes are in place to protect and double check payment details, enabling multi-factor authentication, keeping software up-to-date, maintaining secure data backups and Endpoint Detection & Response to ensure that business devices are actively monitored for unusual, suspicious or malicious behaviour.

If you would like to find out more about our Cyber Security services you can do so at the link below, download our FREE Cyber Security Self Assessment form or contact us to speak with our cyber security specialists.

Latest News Stories