ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

7 Reasons Your Small Business is a Hacker’s Dream

Updated on February 21, 2017
Hacker’s Dream
Hacker’s Dream | Source

If you’re anything like me, you think you’re pretty smart when it comes to spotting a phishing scam or a suspicious email attachment. I don’t open emails from people I don’t know. But I did open an email that I thought was sent by Microsoft that had me fooled at first until I took a closer look at the URL of the link I was asked to click on and realized it wasn’t Microsoft. It was a darn good imitation of their logo and the grammar and spelling in the email were perfect so no simple giveaway there.

According to Symantec’s 2016 Internet Security Threat Report, in 2015, 43% of spear-phishing scams blocked by Symantec Corporation, a global leader in cyber security protection, were intended for small businesses. So why are small businesses a haven for hackers? Wouldn’t cyber criminals benefit more from attacking larger companies with loads of data and a lot more money than your small business? Not these days. And here’s why:

You think cyber security products are too expensive.

You’re a small business with a limited budget. And hackers know that too. But what you don’t realize is the financial devastation a cyber attack can cause for you professionally and personally. Cyber security and risk management expert, Bob Carver, CISM, CISSP, M.S. knows first-hand the carnage a cyber hacker can cause. His wife was a victim of identity theft and they spent months reporting to law enforcement and other agencies. He says, “Others not so lucky have had their bank accounts drained by cyber criminals, sometimes causing bankruptcy and possibly ending their businesses.”Losing your business to a cyber criminal could be far more expensive than investigating the cost of securing your computer system.

You think the bank will protect you.

You might be under the false impression that the bank will wave their magic wand and fix all the bad things the cyber criminals have done to your small business account. Bob Carver says, “If businesses do online banking as a business account, banks may have limited liability in protecting you if your computer gets compromised, the hacker sniffs your banking passwords and the cyber criminal siphons off all your money. If your banker won't guarantee the safety of your online account in writing, regardless of the reason (i.e. hacking) then you need to go back to paper transactions.”Online banking is so convenient that we’ve become complacent when it comes to the risks associated with online financial transactions. Hackers would rather you bank online than stand in line at the bank!

You don’t know you’ve been hacked until it’s too late.

Hackers can infiltrate your computer system in minutes but cause you months or years of heartache. It could take days or months before you realize you’ve been hacked. Meanwhile, the hackers have stolen your sensitive data, cleaned out your bank account, sold the data they stole from you and are ready to blackmail you to recover your own data before they destroy it or go public with it leaving you liable to potential lawsuits. Some insurance companies offer a whole host of cyber liability insurance coverages from third and first party liability to e-commerce extortion coverages to help protect businesses from financial ruin.

You’re too small so why would anyone bother you.

Don’t believe this myth. No company is too small to be hacked. According to Symantec’s 2016 Internet Security Threat Report, spear-phishing attacks on small businesses (1 – 250 employees) increased from 34% in 2014 to 43% in 2015.A security breach could cause a small business to lose customers and money, not to mention the business’s reputation. Work can halt for days if a business’s computer system is being held hostage by a hacker. Ransomware can lock a business out of its computer system and if the business makes the decision to pay the ransom to unlock the system, the key or code the hackers provide may not work – unfortunately you’re dealing with criminals.

Your employees are accidentally inviting hackers into your business.

Everybody in your organization has an email address, probably a cell phone and most likely active on several different social media platforms. Hackers are happily crashing the party as unwanted and dangerous guests.According to Symantec’s 2016 Internet Security Threat Report, the number of spear-phishing scams targeting employees increased by 55% in 2015!Cyber criminals send emails that look like they were sent by a legitimate company, ask for personal information or passwords and threaten you with an action like closing your account or denying you access to your account if you don’t click on a link or give the personal information they’re asking for. Employees are busy and hackers know it,so they hope you’ll slip up that one time and open the door for them to access your personal or company’s private information.

You don’t train your employees to identify cyber security risks.

According to the Anti-Phishing Working Group (APWG) Phishing Activity Trends Report 3rd Quarter 2016,229,251 unique email phishing reports were received by APWG from consumers.Spear-phishing scams are not always easy to identify and that’s what hackers are hoping for. If employees don’t know what to look for they could jeopardize your entire business. Misspelled words and bad grammar are often telltale signs that the email could be a scam.The sender’s email address may look strange. Teaching your employees to be suspicious of emails asking for banking information or passwords should be part of your overall training program. And training employees not to divulge passwords or private information over the phone shouldn’t be overlooked when putting together your cyber security training program. Consider limiting access to sensitive data to a select few employees to minimize the risk of a data breach.

You neglect to back up your system or have a disaster recovery plan.

How many hours a day do you spend at your computer? Multiply that time by all the employees in your company and that’s a lot of data being accessed and stored that likely includes customer information, financial data and employee records. Imagine walking into your office one morning, turning on your computer and discovering your system is being held hostage by ransomware? And then that sinking feeling in the pit of your stomach reminds you that you haven’t been backing up your system. According to Symantec’s Best Practice Guide To Small Business Protection: Back Up Your Small Business Information, small to mid-size businesses only back up 60% of their company and customer data. In addition, 42% of small business customers have stopped doing business with vendors because of unreliable computers or systems. So not backing up your system and not being able to restore your data could prove disastrous for your small business. Being proactive rather than reactive is key.

I’m glad I didn’t open that email link I talked about at the beginning of this article. Your small business could be a hacker’s dream but a nightmare for you if they gain access to your computer system! No company big or small is immune to the dastardly deeds of the cyber criminal. Take steps to keep your data safe and your business running smoothly now and not when it’s too late.


    0 of 8192 characters used
    Post Comment

    • clivewilliams profile image

      Clive Williams 

      20 months ago from Jamaica

      Great pointers


    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at:

    Show Details
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the or domains, for performance and efficiency reasons. (Privacy Policy)
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)