Small business cybersafety starts with the basics

Cyberattacks of small to medium-sized businesses are on the rise, and 95% of cybersecurity breaches are due to human error. That means you and your staff are the first line of defense protecting your business.

Here’s how to become more cyber savvy.

Learn about the most common types of cyberattacks impacting businesses. You have probably heard these terms before, but do you know what they actually mean?

Phishing — Cyber criminals use emails and websites to collect personal or business data, such as banking credentials, addresses and clues about passwords. Sometimes instead of requesting information, victims are encouraged to click links that launch computer viruses. Emails are often disguised to look like they came from a familiar person or business. Ninety-one percent of cyberattacks originate this way.

Email scams — Email scams run the spectrum, but may include accusatory statements saying your business has done something unlawful and threatening to take legal action, saying you owe past due monies or offering goods or services to help your business.

Malware — Short for “malicious software,” malware is software designed to disrupt or destroy. It downloads onto a computer, a network server or mobile device without your intention or awareness. Malware includes viruses, ransomware, spyware and more. It’s often used as a means to collect private information, such as passwords, medical records, bank data, etc.

Minimize human error that puts cybersecurity at risk. Train yourself and your employees to think before they act and create good cyber-ready habits. If something seems off or too good to be true, it probably is.

1. If an email seems strange, even from someone you know, follow that instinct. Do not interact with the email. Contact the sender directly to confirm the email is legitimate.
2. Pay close attention to the websites you visit. Watch for quiet URL redirects, incorrect grammar and frequent misspellings. Protect against phishing and malware with these tools from Quad9 of Domain Name Systems that prevent access to sites known to be malicious.
3. Do not provide personal, password or financial information.
4. Keep malware scans and virus protection updated and running.
5. Use system firewalls to protect your system against suspicious incoming messages and websites.
6. Visit only reputable websites and avoid social media hooks that ask for personal information.
7. Create secure passwords and update them frequently.
8. Utilize the Center for Internet Security Hardware and Software Asset Tracker for sensitive information.

The Mastercard Trust Center offers free cybersecurity education, resources and tools — plus low-cost cybersecurity products — to help small and medium-sized businesses improve security. Select one of three learning journeys based on your level of cybersecurity expertise. Choose from Learn the Basics, Expand Your Knowledge and Master Your Security.