Advances in technology are great, but the downside is that when you use technology, you are leaving yourself open to all kinds of cyber crime and security threats. Among those threats is the risk of ransomware, which the Australian Competition and Consumer Commission (ACCC) has been steadfastly warning small businesses about, following a spike in scammers targeting small businesses.
Sound like gibberish to you? Don’t be alarmed; instead, be informed. Let’s take a look at this cyber security threat in, hopefully, plainer and clearer terms.
What is ransomware?
According to the ACCC, ransomware is “a type of malware that infects a computer system by restricting access unless a ransom is paid to the scammer for the restriction to be removed”. Essentially, these scammers are kidnapping your data, which includes, but is not limited to, things like your financial records and customers’ personal details.
What usually happens is the malware will be downloaded on your computer and then you’ll receive a message from the criminal letting you know that your files have been locked and they will only unlock them if you pay a certain amount of money.
However, given these are the types of people who commit crimes, they can hardly be trusted to unlock your files even if you do cough up the cash they’re asking for. Read: If this happens to you, do not give these people any money. Instead, report it to the authorities immediately.
The biggest concerns in terms of the effects these types of scams can have on your business include the following:
- Loss of all company data
- Inability to operate your business for a period of time due to inaccessible computer systems
- Business data, including sales figures and customer details, being made publicly available
Surely no one would fall victim to these ridiculous scams, though, right?
Ransomware scams are typically successful because they tend to seem as though they are official messages from a government agency or a legitimate company (for example, Australia Post), and these messages usually come in the form of an email. Most often, these emails come with an attached file that, once opened, will install the ransomware on your computer.
While it may seem as though it would be easy to tell the difference between an email from a scammer and one that is legitimately from a government agency or business, scammers are going to great lengths to make these emails convincing.
They do things like changing or amending logos and letterheads to make them seem legitimate, or they create websites that are fake but look like the real deal. They have even managed to gain access to businesses’ correspondence with suppliers and then they copy the style of those emails so that they seem real.
Another method scammers use is pop-ups. For example, in Australia, a number of businesses and consumers reported receiving pop-up alerts claiming to be from the Australian Federal Police saying that the user had visited an illegal website. These pop-ups contain links, which, when clicked, download malware onto your computer.
Even the smartest among us can fall victim to these scams. Small businesses, in particular, are a common target for scammers because larger businesses tend to have greater resources to combat the risk of these scams, including staff whose key responsibilities are aimed at keeping company data safe.
How can I protect my small business against these scams?
Here are some suggestions to enhance your chances of not becoming a scam victim:
- Get a pop-up blocker, which will pop things down before they can pop up.
- Get yourself a firewall, as well as some decent anti-spyware and anti-virus software.
- Backup your data on a separate hard drive and do it often — this means you’ll have access to your data even if you do fall victim to ransomware.
- Be aware that government departments won’t usually try to communicate with you in the form of an email or a pop-up. And if they do happen to send you an email, they usually won’t ask you to download a file or click on a link.
- If you get an email from an organisation — be it a government department, a well-known company or a company you do business with — and it seems a bit dodgy to you, don’t open any attachments, click on any links or make contact using the details provided in the email. Instead, go to their website to get their contact details and call that organisation directly to confirm the email is legit.
- Emails that you seemingly receive out of nowhere are a warning sign, particularly if they contain zip files or .exe files — which you should absolutely NOT click or download.
Where can I get more information?
ScamWatch has resources specifically for small businesses.
- The small business scams fact sheet (http://www.accc.gov.au/publications/small-business-scams) details the most common scams affecting — you guessed it — small businesses.
- You can stay on the ball by subscribing to the ScamWatch newsletter (http://www.scamwatch.gov.au/news/subscribe-to-newsletter), which will send you emails on all the latest scams (an email about email scams, if you will).
- Find tips on how to protect yourself against scams at http://www.scamwatch.gov.au/get-help/protect-yourself-from-scams.
If you’re a small business who relies on the internet, email, websites, computer programs, data and who stores private information about your clients, you should consider Cyber Liability & Privacy Protection. This type of insurance can cover your business against third party claims for a failure to keep data secure, business interruption (such as reimbursement for lost profits) and remediation costs.
At Coast and Country Insurance Consultants, we offer a range of services for all your business needs. Let us help you find the right cover for your individual circumstances. By taking the time to assess your situation, we can ensure all of your business requirements are being met so you can rest assured that you are properly covered.
Call us today on 02 4334 3622 or complete our quick enquiry form below:
Coast and Country Insurance Consultants Pty Ltd is an Authorized representative of NAS Insurance Brokers AFS Lic: 233750 (General Insurance) / Coast and Country Insurance Consultants Pty Ltd is a corporate authorized representative of PGW Financial Services Pty Ltd AFS License No 384713 (Life Insurance)
General Advice Warning: The content of this article is general advice only and should not be acted upon without first consulting an industry specialist as it does not take into consideration your personal needs, objectives or financial circumstances.