There are 3.5 new cyber security threats created every second according to researchers at Trend Micro. Protecting your business and customer data can seem daunting in this ever-changing landscape of cyber security. By educating yourself on some of the most common cyber threats, you can begin to take action to protect your company and customers. Here are the four cyber-attacks you need to know about in order to protect your small business.
Phishing strategies involve a malicious user who poses as a trustworthy source (e.g., your bank) and sends you an email. In this email, the phisher creates a false emergency and requests that you click a link to go to their website to resolve the issue. Once there, you’re prompted to enter sensitive data, such as your bank username and password, account number or Social Security number.
It has become easier for phishers to launch attacks against unsuspecting business owners thanks to social media. This is because most business owners, vendors and employees put their information on the web for anyone to gain access. This allows phishers to create highly personalized phishing emails and websites that resemble those of the sources they’re posing as, which increases the chances of duping business owners and their employees.
2. Drive-By Download
“Just don’t click anything and you’ll be okay” is the mantra many business owners use when they accidentally stumble onto a suspicious looking website. Unfortunately, drive-by downloads make it possible for websites to upload malicious software to computers without you even clicking on anything. Simply visiting the website initiates the attack. Drive-by downloads are often combined with phishing emails.
Malware is a broad term used to describe malicious software that can damage your computer and gain access to sensitive data. There are several different types of malware that you need to be aware of:
• Adware is a form of malware that is often bundled with free or pirated versions of software and is designed to launch advertisements, or pop-ups, when your computer is using a web browser.
•Spyware is designed to spy on your activities and monitor things such as keystrokes and websites you have visited in order to steal passwords. It can also change your computer’s security settings.
•Trojan horses appear as normal files or computer applications. Once downloaded, they give a malicious user access to your computer and information—including your passwords and bank account numbers.
4. Point-of-Sale Hacking
This is one of the more high-profile cyber attacks that hackers can launch against your small business. Point-of-sale (PoS) hacking involves a hacker remotely scraping the credit card information stored on your point-of-sale device. Typically, this information is stored on a PoS device for only a microsecond before it becomes encrypted. That microsecond is just enough time for hackers to grab the vital credit card information and transfer it to one or more remote servers.
It is rarely just one credit card number that hackers steal. More often, hackers will gain access to a point-of-sales device and scrape credit card information for months before being detected.
So, how do hackers gain access to your point-of-sale device? They can physically break into it, but if your point-of-sale system is linked to your computers, then they can hack into it using any of the three cyber-attacks listed in this article.
By Michael Kelly