Some of the very best business ideas in 2021 were created by entrepreneurs and small business owners launching companies from home. Given the cost savings, the convenience, and the ongoing risks associated with the COVID-19 pandemic, it is likely that business ideas in 2022 will continue this route.
Running a home business can create incredible opportunities for success but it can also mean vulnerabilities in terms of data protection and online security.
When operating a home business, it is critical to think carefully about cybersecurity and take every precaution to prevent falling victim to phishing attacks or other types of scams.
To help you protect your livelihood or launch your business on the right foot, Canadian Cloud Backup has put together this guide to common scams, tips for avoiding them, and software that can support and bolster your efforts.
Cybersecurity Threats Facing Your Home Business
The internet has presented a wealth of opportunities to business owners looking to provide products and services to a wide range of people. But the internet has also provided opportunities to cybercriminals.
And over the years, these criminals and their scams have only become more complex and more difficult to spot.
Here’s what you need to know about these scams and how to spot them!
What is Phishing?
Phishing scams are, unfortunately, very common. Since the beginning of the COVID-19 pandemic in 2020, Statistics Canada has reported that more than 1 in 3 Canadians has received a phishing attack.
So what exactly is phishing?
Phishing is a malicious attack carried out through social interactions, primarily email or text interactions. The attacker’s goal is to steal things like user data, login credentials, and credit card numbers.
In these instances, cybercriminals will send a message that appears to come from a legitimate and reliable source, tricking the recipient into clicking a malicious link. Clicking the link will then install malware, reveal sensitive data, or freeze system access as part of a ransomware attack.
How to Spot Phishing Scams
Cybercriminals work incredibly hard to make phishing scams difficult to detect. This is why you need to be especially vigilant when clicking any emailed or texted link, especially if you weren’t expecting it.
Indicators of a Phishing Scam
Here are some things to look for that can indicate a phishing scam:
- Threatening language or language that pressures you to take action immediately
- Requests to “verify” your password or requests for personal information
- Unexpected messages declaring you the winner of a contest or lottery you never entered
- Confirmations of appointments you didn’t make (especially related to COVID vaccination appointments)
- Spelling and grammar errors, design flaws, and email addresses and links that don’t look quite right
Common Tech Support Scams
Sometimes, cyberattacks will be hidden behind seemingly helpful information.
As a business owner, you will, justifiably, be concerned with online security and maintaining the health of your hardware. Unfortunately, malicious actors know this and will attempt to take advantage.
Here are some common tech support scams:
Unknown warning pop-ups: In this instance, a pop-up window will appear claiming some security issue or vulnerability on your computer. It will then ask you to call a number or click a link to resolve. If you call, the person on the other end of the line will seek to resolve the problem by asking you questions, and potentially “identifying” even more problems, all in the effort to extract information from you that can be used to access your accounts. Clicking a link will install malware on your device.
Unsolicited call from tech support: Someone will call, usually claiming to be from a reputable company like Apple or Microsoft, and tell you that they need remote access to your computer to correct a security concern. They will usually then email you a link to grant this access that, in turn, installs malware. Or, these individuals may try to pressure you into buying software that you don’t need to protect against a problem you don’t have.
Unsolicited email about a suspended account: You will get an email saying your account has been suspended and asking you to click a link to resolve the problem. With so many businesses operating remotely, scammers have taken advantage by sending emails that say you are missing a Zoom meeting. And, of course, once you click the link in the email, malware is installed.
Tips for Improving Online Security for Your Home Business
The good news is that there are several steps you can take to protect yourself from phishing and tech support scams!
Here are some tips for increasing cybersecurity and keeping your operations and sensitive data safe:
1. Take a Skeptical Approach
View any emailed or texted links with a healthy dose of skepticism. Do not click links or download documents you were not expecting to receive. If you get a link and you think it might be legitimate, go directly to the company's website and follow the instructions or use the contact information found there to ensure your safety.
When it comes to documents, most businesses will not send you a file without you requesting it first.
If you are still unsure, create a new message, using the contact details on the company’s official website, and inquire. Do not reply directly to the suspicious email and do not use the sender’s address. Be aware that scammers can spoof legitimate email addresses from people you know and work with so if something doesn’t feel right to you, reach out to that person directly, in a separate chain.
Similarly, if someone calls you, out of nowhere, seeking remote access to your computer, do not give it to them.
2. Upgrade Microsoft 365
Businesses of all sizes rely on Microsoft Office 365 for day-to-day operations. But many new or home businesses are using this tool under the wrong license. Not only are the Home and Personal not licensed for commercial use, they aren’t as robust in the security features you’ll need to move forward with confidence.
Upgrading to one of the Business and Enterprise Office 365 plans will allow you to maintain access to the Microsoft tools you need but also provide you with Canadian support and built-in data security features.
3. Back Up Data to the Cloud
We live in a world where anything could happen. Hiring a company like Canadian Cloud Backup means that your business will be prepared for any situation.
Using cloud backup tools, like Acronis or Veeam, gives you excellent options should you be compromised. First, it means that your critical data and files are not stored on-site, so, should you experience something like a fire or your home is burgled, you will still have access to everything you need to move forward.
This also means that should you experience a ransomware attack and be locked out of your files, you have an easily accessible recovery point.
4. Use a Cloud-Based Recovery Plan
As a home business, it is likely that you do not have the staff or the resources to institute a full data recovery plan. But, it should definitely be on your radar.
Using a cloud-based recovery plan can reduce the resources you need to get started (time, money, and personnel) while eliminating the risks you face should your worst-case scenario become a reality.
A cloud-based recovery service provider makes sure the plan is easy to implement, less expensive to maintain, and guarantees industry-specific regulations (like HIPAA and PIPEDA) are followed.
5. Install Antiviral and Antimalware Software
There are many great options available when it comes to antiviral and anti-malware software.
To determine which one is right for you, you’ll need to consider your specific needs. What is your budget? How sensitive is the data you need to protect? Is the software bulky and detrimental to processing speeds?
Free options like Microsoft Defender are available if you have minimum security needs. But if you are in an industry that gives you access to the financial, personal, or health data of your clients, you need to bite the bullet and pay for more robust protections.
Once you have identified the proper software fit, make sure you have the features configured properly and that the software is kept up to date. Cybercriminals don’t rest, and neither can you!