4 Common Cybercrimes and How to Mitigate Your Risk

Far from harmless, cyberattacks put individuals and companies at risk and threaten the financial security of businesses and the economy. According to cybersecurity company PurpleSec, cybercrimes have increased by 600 percent since the start of the COVID-19 pandemic, leaving more and more businesses at risk. 

The FBI takes the lead in investigating cyberattacks and offers ways individuals and businesses can protect themselves against destructive cyber activities. Here are four common cyberattacks retailers face and steps they can take for each to protect their businesses. 

Business Email Compromise

With business email compromise (BEC) crimes, criminals send a legitimate-looking email that includes some type of financial request. For example, an email comes from a vendor your company works with asking you to send the payment to a different address. Scammers use malware to gain access to company emails with invoice information or send spoof emails in order to trick the recipient. 

How to protect yourself: 

1. Keep your personal information protected online by not sharing pet names, schools you attended or other common password sources. 
2. Don’t click on unsolicited emails or text messages that ask you to update your account information.
3. Double check email addresses and URLs to be sure they’re legit. 
4. Scan any attachments before you download. 
5. Use two-factor authentication.
6. Verify payment and purchase requests, especially if the requester is pressing you to make payment quickly. 

Identity Fraud

When someone uses your identity to commit a crime, that’s identity theft. Identify theft can happen to anyone, regardless of age, gender, race or other factors and can cause major headaches, financial stress and can ruin a person’s credit and reputation. 

How to protect yourself: 

1. Read credit card and bank statements each month looking for discrepancies. 
2. Never give your credit card number over the phone unless you initiated the call and trust the recipient. 
3. Report suspicious activity on your credit card or bank statements. 
4. Review your credit report every year. 
5. Shred documents with personal or financial information. 

Ransomware

Ransomware is software that criminals use to keep a company from accessing computer files, systems or networks. The criminals then demand a ransom from the company to receive access to their locked files. Ransomware can be installed from opening an email attachment, clicking on an ad, following a link or visiting a website that has malware buried in it. 

How to protect yourself: 

1. Keep software and applications current and up to date.
2. Use anti-virus and anti-malware software, and update the software regularly. 
3. Back up data frequently and secure your backups. 
4. Create a continuity plan to deal with any ransomware attacks. 

Spoofing and Phishing

Spoofing occurs when a criminal uses an email address, sender name, phone number or website URL that looks similar to a legitimate one in order to manipulate individuals to download software, send money or share personal information, which are all common phishing schemes.

Phishing can also take place over the phone, voice email or voice over internet protocol, which is known as vishing, and can also happen through text messages, called smishing. Pharming, another type of phishing, is when a criminal installs code into your computer to redirect you to a fake website. 

How to protect yourself: 

1. Don’t click on unsolicited emails or text messages or download suspicious files. 
2. Be wary of companies asking for your username or password.
3. Double-check email addresses and URLs. 
4. Set up two-factor authentication. 
5. Don’t share personal information online. 

Click here to read how two retailers resolved ransomware attacks on their businesses and get their insights on how the industry should take necessary precautions.