For small businesses, it’s easy to overlook cyber security and it’s often an afterthought while big businesses safely bask in the protection of dedicated IT departments. However, this can be an expensive mistake with two-thirds of small companies falling victim of an attack.

Fortunately, this doesn’t have to be the case for you. Most scams actually rely on user complacency and aren’t as sophisticated as you’d expect. The best thing for any small business is to practice vigilance and these few simple steps to protect your business.

First, make sure you’re informed. Established techniques used to commit fraud include “phishing” attacks and Trojan viruses.

Phishing uses email to trick you into giving out personal information, such as bank log-in details, or getting you to download malicious software (malware).

Trojans are a common type of malware and can be installed on your computer without you knowing. They can be designed to do many things, including steal money from your account.

Convincing imitations
Phishing works by sending you an email pretending to be from a genuine company, like your bank, often convincingly imitating the company’s branding and tone. Criminals can also spoof email addresses, so an email may look as if it is from someone in your own company.

The email might ask you to click on a link, taking you to a fake website where you’ll be asked to input your information, where it’s captured. It also might ask you to open an attachment, which will then install malware such as a Trojan.

Phishing emails can be very convincing, especially if you’re skimming. Protect yourself by checking whether you recognise the sender’s address and if tone and language used is normal for them. Watch out for red flags that instill urgency and whether you’d expect this from the sender.

Play it safe
Be suspicious of all unsolicited emails, particularly those that ask you to make a payment, open attachments or click hyperlinks. Verify all email requests by telephoning the sender on a number taken from your own records.

This will help prevent Trojans from being installed, but it’s important to keep your computer safe in other ways too.

Install a firewall and antivirus software.

Keep this software up to date, as well as your operating system and your web browser. Block access to websites your staff don’t need for business. Don’t conduct sensitive transactions over public wi-fi networks or while using internet cafes, as these can be insecure.

Finally, make sure your staff are informed, trained, follow these rules and are as vigilant as you. All it takes is one mistake to leave you vulnerable.