SMEs Are Most At Risk

SMEs at risk from cyber security attacks

Small and medium size enterprises are most at risk of email account attacks and here are three ways to protect your business. Or, at least greatly reduce the likelihood of your email accounts being compromised.

New research by ISACA shows that only 51% of technology professionals and leaders are highly confident that their cyber security teams are ready to detect and respond to the rising cyber security attacks during COVID-19. Additionally, 58% of respondents say attackers are taking advantage of the pandemic to disrupt organisations, and 92% say cyber attacks are also targeting individuals more.

The majority of cyber attacks are based on common weaknesses with an email setup that can be avoided, and which take advantage of an organisation’s email security weakness. The cybercriminals access employee’s mailboxes who hold financial responsibility in an organisation, mainly accounts, payroll and senior management, who can approve payments. They access the employee’s mailbox by discovering passwords through data breaches and then pretend ‘to be the employee’ by sending emails. Then, wait to gain an understanding of emails being sent and received with suppliers.

Then, at the end of a legitimate email thread to order goods from a supplier, the cybercriminal will send a final message to request that the payment is diverted to a new bank account. To cover their tracks, they delete the message from the sent and deleted folders, and if a response is received to acknowledge the change in bank account details, a mailbox rule is pre-setup to delete the response or move it to another folder, so the employee is not alarmed.

 
Attacks are becoming more and more sophisticated. Here are three ways you can protect your business emails:
  1. Multi-factor authentication: it helps block most attempts of unauthorised access to employee mailboxes. 
  2. Employee cyber security awareness training on email fraud helps key employees detect when fraud may be happening.
  3. Deploy a browser protection and monitoring as well as email fraud defence solution such as XSurflog that can detect and prevent fraudulent emails being sent from legitimate email mailboxes.

Following an incident, companies need to complete a forensic investigation. We provide cyber incident response services as well as managed security services for all companies located in Sydney. Contact us and we’ll walk you through everything to help you protect your small and medium enterprise.  

CATEGORIES

-

TAGS

- - - - - - - - - -

SHARE

Follow Us!

Facebook Twitter Linkedin Instagram
Cyber Security by Vertex, Sydney Australia

Your partner in Cyber Security.

Terms of Use | Privacy Policy

Accreditations & Certifications

blank
blank
blank
blank
blank
  • 1300 229 237
  • Suite 13.04 189 Kent Street Sydney NSW 2000 Australia
  • Level 4, 11 York Street Sydney NSW 2000 Australia
  • Goods Shed North, 710 Collins St Docklands, Melbourne, VIC 3008 Australia
  • Lot Fourteen, North Terrace Adelaide SA 5000 Australia
  • 44 Montgomery St San Francisco California USA
  • 9 Raffles Place #14-05 Republic Plaza Singapore 048619

(c) 2024 Vertex Technologies Pty Ltd.

download (2)
download (4)

We acknowledge Aboriginal and Torres Strait Islander peoples as the traditional custodians of this land and pay our respects to their Ancestors and Elders, past, present and future. We acknowledge and respect the continuing culture of the Gadigal people of the Eora nation and their unique cultural and spiritual relationships to the land, waters and seas.

We acknowledge that sovereignty of this land was never ceded. Always was, always will be Aboriginal land.