Protecting Your Business from Cyber Security Risks

Protecting your business from cyber security risks

It’s Monday morning, and you are checking your emails to start your week off on the right foot. You see that you have an “Urgent” email from a trusted financial institution requesting immediate action on your part. The email is telling you that they are updating all client files, and that in order to comply with this important undertaking, you have to open the attachment, complete a form with updated personal information and send it back as soon as possible. You notice that the email address from whence the email came is different from the one usually associated with your bank, but because of the alarmist tone of the email, you do exactly what has been requested, no questions asked.

What is wrong with this picture? If you say “Nothing”, then you will run into some major problems. By not being able to identify the security risks in the above scenario, you are putting yourself and your business at great risk for security breaches, and other cybercrimes.

Let’s take a closer look at the scenario, and unpack the red flags:

Red flag #1: First and foremost, a financial institution would never solicit you in this way. They know better than to ask customers to provide highly sensitive information via email or even phone. Normally, they would ask you to go to the website yourself to make any necessary updates; some institutions will not even provide a link due to the potential security risks, such as being directed to a counterfeit website.

Red flag #2: The email address looks suspicious. If your financial institution’s email address is usually “noreply@YFI.org”, then anything other than this should be viewed warily. If you get an email that appears to be from them, but has an email address like this, “noreply@YFI-banking.org”, then there is a very good chance this it is a fraudulent email. Pay attention to the domain name (what appears after the ‘@’ symbol), and how it usually appears in a non-fraudulent email. If in doubt, contact your financial institution to ask if they sent the email.

Red flag #3: The email is asking you to open an attachment. Again, a financial institution would not send you an attachment. Rather they might provide you with the steps to locate the important documentation on their trusted and secure website, and not through email. Fraudulent email attachments from people and organizations that you don’t know are especially risky as they can contain malware.

Red flag #4: The email is requesting highly sensitive personal information. It cannot be reiterated enough that a trusted financial institution would never ask you to provide personal information through email. Providing personal information puts you at risk for identity theft which can seriously harm your finances, credit rating, personal and professional relationships and other aspects of your life.

Don’t feel bad if you did not recognize any of these red flags – now you do, and you will be better off because of it. To further protect yourself and your business, take heed of the following tips:

  • Educate yourself and your team about cyber security risks. Take advantage of learning about what the latest risks are and how you can avoid them by participating in free webinars and reading online articles and insights from trusted sources. IT security organizations like McAfee and AVG have loads of useful tips and tricks.
  • Protect yourself against hackers, viruses and other potential security breaches. Get a good antivirus software, create complex passwords (and change them regularly!), and use data encryption technology to further protect sensitive data from being compromised.
  • Create and maintain internal and customer-facing risk management policies and procedures. This will protect you from the inside out, and the outside in. For internal policies that concern employees and business partners, keep access to sensitive data limited, and do background checks if you feel this is necessary.
  • Make all of your customer-related policies and procedures accessible in writing. Include refund, billing and shipping policies, privacy and security policies, etc.
  • Familiarize yourself with the contracts you have with your financial institutions and other business partners. Know your liability in case of losses through fraud and other security breaches.
  • Remove and destroy the hard drives of old computers and devices (don’t merely dispose of them). Also, it’s good practice to shred and properly dispose of paperwork containing sensitive data.

Just because you have a small or medium-sized business does not mean that you are immune to the countless cyber security risks out there. In fact, online predators specifically target smaller businesses because of their lack of knowledge and training on security. By learning everything you can, you are preventing yourself, your assets and your customers from falling prey to the potential threats lurking in your emails. For more tips on securing your e-commerce business, visit the Security Centre of the DalPay Blog and follow us on Facebook and Twitter.

Advertisements

Introducing the DalPay Security Centre

seccenter

Last October, the DalPay Blog officially went live. Since then we’ve been consistently delivering high quality content about DalPay, CCNow, and the current and future state of the online payments industry.

From the latest news and updates about the company to strategic advice on how to maximize sales and keep your website secure, we’re committed to providing you with only the most accurate and useful information that will help you achieve your personal and professional goals within e-commerce.

So that you can always find the information you need, we have broken down our blog content into a few different categories. Today, we’d like to introduce to you:

Security Centre

For over 10 years DalPay has been one of the world’s leading providers of payment processing services for online merchants all around the world. E-commerce is our forte and this blog provides us with an opportunity to share the expertise gathered in our years of experience at the ground floor of this rapidly expanding industry.

Our goal is to help you strengthen and grow your online business, and that would not be possible without focusing on one of the major drawbacks of e-commerce: cybercrime. Our Security Centre is a place for us to keep you up to date with the latest news and developments in cybersecurity and provide you with the tools and techniques necessary to maintain the highest level of security for your business and your customers.

For an example of the subjects we will be dealing with, take a look at our past articles in this category:

Keep up to date with our latest posts to learn how to adapt your business in real time, stay ahead of the curve and keep yourself safe from fraud. Come back on February 12th for the next article in the DalPay Security Centre: “Are Mobile Payments Truly Secure?”

You can also follow the latest industry news on our Facebook and Twitter pages and by subscribing to the DalPay Blog.