Month: November 2022

Your future self is going to deal with a cybercrime incident.

I appreciate that you would much rather get on with your day; however, we need to discuss something.

If you lose a piece of your digital world, it can upend your business operations for some time; it could be days, weeks, months even.

 I have three important questions for you

  • On what digital service are you reliant?
  • What would it mean for you if you lost it?
  • And finally, how good is your security for this service?

Let’s take a run-through and use an example; we’ll pretend you run sports classes and use an online booking system.

If your booking platform is hacked, the consequences could be:

  • Clients are unable to book; or worse still, clients are still booking, but you’re locked out.
  • You are unable to provide your service
  • Hackers may be able to change the email notifications and payment details to their own
  • You may be unable to contact your clients if the booking system is your only means of contact.
  • That the hackers extract your customer details from the platform, then individually target them with scams passing off as you. Using the information you hold to personalise their messages will make them more likely to pull off their fraud. 
  • Damage to your reputation and your trust relationship with your clients.
  • Financial loss for you
  • Your time commandeered

I think that is quite a long list of consequences.

What’s more, you need to re-establish your platform’s access and rebuild your clients’ trust. Finally, it’s worth noting that your clients’ details will forever be in the hands of these hackers now, as will yours.

While your business may not take customer bookings online, there will be a digital service on which you rely.

How is this service protected? How strong is your security?

A long and unique password, with a second factor of authentication (such as a code generated by an app), is ideal. Anything less than this, and you expose yourself to risk.

I believe in self-employed business owners taking action to protect themselves from cybercrime.

Securing the entry points to your business is vital for your survival. The only way to avoid being an easy target is to make a defence.

There are 7 things you must do before a cyber attack. If you would like a copy of my checklist to check off what you have and haven’t already done, then fill in the form below.

How did they get my password?

Picture this; you’re going about your business one morning when your phone rings. It’s a friend who’s just received an unusual email from you. No bother, you carry on.. it was just a one-off… but then you get three more calls saying the same thing and the fear kicks in.

Your email has been hacked.

You’ve been locked out.

Once you manage to restore access you’re greeted by an EMPTY inbox.

Everything gone.

This happened to a friend of mine recently. The hackers stole ten years’ worth of emails. Ten years’ worth of companies he has dealt with and knowledge of his solicitor, accountant, clients, and shopping preferences. The whole lot.

To get all this, all the hackers had to do was breach one password.

My friend had opened his email account a long time ago and had not updated his security; as such he didn’t have 2FA.

However…

How did the hackers get his password?

There are several ways for hackers to obtain passwords, or break into accounts.

A reused password
If the same password is used elsewhere and is stolen in a data breach, the hacker will then take the credentials they have and move laterally to test other sites.

You’ve lent the password to someone else
If you historically sent the password to someone else, perhaps by email, then this other person is hit by cybercrime and has their inbox breached.. the hacker will be able to find your password.

Malware infection on your device
This is malicious software that can arrive on your computer in multiple ways and if not caught can extract information; including passwords.
Software updates and antivirus software help minimize this event.

Public Wi-Fi
Connecting to public Wi-Fi means that you are on the same network as all other users, your devices are connected. The internet traffic to and from your device can be read by other users, with specific software and a bit of know-how. This can include unencrypted passwords.

Brute force
This is where a hacker uses software to breach your password; it will try thousands of combinations a second until it hits the right combination of characters.

My friend’s password was about as much use as a chocolate teapot.

The solution here is to enable two-factor authentication; which is a valuable second layer of security.

If you haven’t already now is a great time to review the security of your inbox. Make sure you have a long password that is only used for this account and set up that second layer of security.

Would a checklist be helpful?

There are 7 things that must be done before a cyber attack on your business. I have compiled a checklist for you to work through – please fill in the form below if you would like a copy.

7 things to do before a cyber attack

Please enter your email address here; your checklist will soon be on its way.
You will also receive regular security tips and advice by email.

Your subscription could not be saved. Please try again.
Your subscription has been successful.
We will use and protect your data in accordance with our Privacy Policy.
You can unsubscribe any time.

Follow me @be.secure.digital on Instagram