Safety first. 

When it comes to your online business or presence, it’s always better to be safe than sorry. Not only do cyberthreats target huge global companies, but about 1 in 40 small businesses are also at risk of falling prey to cybercrime. In other words, cybercrimes affect not only companies with millions of users but also small business owners.

Whether it’s a computer virus, financial extortion, or phishing scams, these days you simply can’t afford to ignore your online safety.

However, with a little know-how and the right security measures in place, you can make sure you’re taking all the necessary precautions to protect yourself from these ever-evolving threats.

So without further ado, here are the top five threats individuals and small business owners are likely to face or encounter online.

1. Malware

What is it?

Perhaps the most well-known out of the cyber threat bunch, malware is short for “malicious software.” In other words, malware is any type of software created with the intent to damage, steal, and/or destroy data (yes, that means yours).

Broad in definition, malware can refer to the following: viruses, Trojans, worms, spyware, and ransomware (more on that in a bit). Given that nearly one-third of the world’s computers are infected with some sort of malware, it’s no wonder there’s genuine concern.

What does it do?

Malware accesses sensitive data and duplicates it (i.e. spreads). And unfortunately, new malware gets created constantly. In fact, the AV-Test Institute (an independent organization that evaluates and rates antivirus and security software) reports over 350,000 new malware programs every single day. While that statistic is startling, many of these new programs are simply “recycled” malware, just slightly altered to make them unrecognizable to antivirus programs.

How does it happen?

Most malware actually arrives via email. According to the experts over at Safety Detectives, out of 50,000 malware incidents reported, email was responsible for 92% of them. Often sent as email attachments, they can also be downloaded from certain websites with the intent to infect your computer. Computer viruses, in particular, are known for sending spam, disabling your security settings, corrupting and stealing data from your computer (think passwords), even deleting everything from your hard drive.

How can I prevent it?

Although basic antivirus can protect against certain types, a multi-layered security program that uses anti-virus is your best bet. Not sure which one to choose? The folks at TechRadar reviewed and rated the best ones for 2019.

Other bits of common sense? Don’t open emails from people you don’t know, double-check your downloads (meaning, make sure the provider is trustworthy), and get a reliable ad-blocker.

For a more in-depth look, here’s a detailed overview of how you can further protect yourself from malware.

2. Ransomware

What is it?

As previously mentioned, ransomware is a type of malware that restricts your computer access or files by displaying a message/notification that demands payment (aka “ransom”) in order for the restriction to be removed and for you to regain access.

Robot facing ransomware attack on laptop

The two most common ransomware attacks are:

  1. Lockscreen. As the name suggests, the ransom message is displayed on your screen, preventing you from accessing your computer.
  2. Encryption. Here, the files on your hard drive get encrypted so you’re unable to open them/access them. Afterward, a message will appear, with something similar to: “Your files have been encrypted. If you want them back, pay X amount within X hours to get the encryption key.”

How can I prevent it?

According to a recent report from The New York Times, ransomware has allowed people who are not computer experts to become computer thieves.

To avoid a potential attack, regularly back-up your data with an external hard drive. A cloud-based data backup also allows you to recover your lost data by reformatting the corrupted drives and restoring them from the backup.

And whatever you do, don’t pay the ransom! Although it may initially scare you, remember that these notifications do not come from real law enforcement. And even if you do submit payment, chances are you won’t even be able to regain access to your system.

For even more tips on how to avoid being a ransomware victim, check out one of our previous blogs or if a worst-case scenario happens, here’s what to do.

3. Phishing

What is it?

Much like the actual act of fishing (where an angler is thrown out with bait in the hopes that one will bite), “phishing” is a similar process.

Instead of tasty bait, attackers attempt to lure an individual, often via email, to provide sensitive information (their usernames, passwords, and bank details). How do they do it? By masquerading as an official or trusted source (bank institutions, financial authorities, legitimate companies or even social networks).

How does it happen?

Remember the infamous 2016 scandal when John Podesta, Hillary Clinton’s then-campaign chair, had his personal emails hacked?

In this particular case, Podesta received an email (which was thought to be from Google) that simply asked him to change his Gmail password with a provided link to do so. And well, the rest is history.

Skilled phishers prefer to create a sense of urgency in their emails, explaining how your security is at risk if you don’t update your credentials to confirm your identity. This is where they’ll provide you with a specific link with access to a website that seems legitimate, when in fact it’s all part of the act. And if you’re not paying attention, you might just end up providing personal information you don’t want to share. In the case of providing your bank details, cybercriminals tend to use that information to breach your real bank account or sell it on the dark web.

How can I prevent it?

Remember, you don’t have to be in the political limelight to fall victim to a phishing attack. Everyone is at risk.

The best advice? Be cautious when receiving these aforementioned types of emails. Make sure to read through them completely and if you do end up clicking on the link they’ve provided, take a moment to look at the URL or address bar to ensure it’s from the reputable website.

For more ways on how to protect yourself from potential phishing attacks, check out WeLiveSecurity’s top tips.

4. Public WiFi

What is it?

When it comes to accessing public WiFi, free doesn’t always guarantee good. In fact, connecting to a public WiFi network can put your personal data at serious risk.

Robot on wi-fi on mobile device

What does it do?

While there’s nothing inherently wrong with connecting to the free WiFi network at your favorite coffee shop, hackers have taken advantage of this situation and have now started to create fake open networks using the name of a nearby business.

For example, let’s say you’re at McDonald’s and you select McDonald’s WiFi for Free. Sounds harmless, right? Think again. Once you’ve connected to this seemingly-legit network, this is when hackers can easily intercept your personal data and information. To prevent this, simply ask an employee of that particular establishment to confirm what is the correct WiFi network.

Remember that a public WiFi network is way less secure than your personal, private one. So regardless of what you do when you’re connected to public WiFi, even if you’re not checking your bank account or reading through personal emails, any information you share or access on these networks is fair game.

How can I prevent it?

While Wired provides an excellent step-by-step overview on how to minimize the damage, perhaps it’s time to start thinking about investing in a Virtual Private Network (VPN). An excellent alternative to public WiFi networks, a VPN creates a secure connection to another network on the Internet. For a handy overview on why a VPN is essential, especially when you’re on the run, Namecheap’s Daniel Agnew explains it best.

5. Facebook Impersonations

What is it?

Averaging more than 2 billion active users a month, Facebook is the largest social channel in the world. Although it’s ideal for connecting with a variety of people and prospects, it’s also the perfect place for online scammers to find their victims.

How does it happen?

To put it plainly, hackers will create fake Facebook login pages and send them via email to individuals or small businesses, asking them to enter their password. Unless someone specifically looks at the URL of the page they provide, the unsuspecting victim gives out personal details and the hackers get exactly what they want—your data.

How can I prevent it?

Just as you’re careful to protect your personal bank and email accounts, considering doing the same for your social media ones. As a friendly reminder, don’t accept random Facebook requests from people you don’t know, don’t share your password with others, and when logging in, consider Two-Factor Authentication.

Final Thoughts

By 2021, losses due to cybercrime are anticipated to hit $6 trillion. 

This prediction from Cybersecurity Ventures is no laughing matter. Online threats cost a whole lot of precious time and a ridiculous amount of money.

And as technology evolves, so do the threats. They get smarter, more efficient, and more scalable. While it can seem pretty exhausting to stay on top of all the latest ones lurking, the best thing to do is to be prepared.
Although there’s no foolproof method to 100% protecting you and your small business online, there are many ways to keep yourself as secure as possible.