Large companies aren't the only ones targetted by cyber criminals.In fact, with only a third on average investing in IT, small to medium sized businesses (SMBs) are leaving themselves wide open to attacks by cyber criminals.* In the past year, security breaches have caused SMBs losses of £3.37m in lost revenue and damaged hardware.** However, despite several high-profile hacking cases reported in recent years, SMB employees are alarmingly unaware of how to distinguish between genuine and fraudulent emails and web pages. Furthermore, only 43% of SMBs use spam filters, while 6.3% do not take any measures at all to protect their business online.

Stolen data does not only pose a risk to SMBs' finances but can also be hugely damaging to reputation. Loss of company or customer information can result in loss of confidence among consumers and other businesses alike, and SMBs often do not have the resources to survive such damages to reputation. An anti virus solution is therefore extremely important to protect against these threats, and several cost-effective and easy-to-implement options exist on the market.

Research highlighted January to April as a particularly sensitive time window for SMBs, when fraudulent emails and malware designed to compromise IT security are especially prevalent. During this time payments and transactions to tax and revenue agencies are at their highest. As a result, the volume of cyber attacks is also higher, and extra caution is vital in order to keep financial and personal data out of the hands of cyber criminals.

The most common fraudulent messages directed towards SMBs are designed to appear as if they have come from banks or financial institutions like the HMRC. The research highlighted an extremely concerning trend: 56.9% of SMBs surveyed had received fraudulent emails asking for money, 36.8% had received fake tax rebate emails and 12.3% had been directed to a fake government web page. Yet without IT security measures, only 57.7% of SMBs surveyed reported being able to spot a fake tax email, while less than a third were confident they could spot a fake website. 

Moreover, only30.5% of SMBs surveyed would think twice about clicking on a link directing them to the HMRC site. SMBs within the Legal sector were worst at this, with only 11% being cautious about clicking on links posing as the HMRC, regardless of HMRC advice.  Fraudulent messages will direct SMB employees to click on links or reset password details in order to gain access to their companies' data in the style of the following:

1.        A secure message is waiting for you, click here to read.

2.        Your account will be closed within 48 hours if you do not respond.

3.        Please reset your online banking password.

4.        Click the link below to gain access to your account.

However, only 58% of SMBs surveyed reported being concerned about loss of company or customer information, social engineering or employee identity theft. Sales, media & marketing, travel & transport and the arts & culture sectors are particularly poor at investing in IT security (12.5%, 22.7% and 21.6% of SMBs in these sectors implementing IT security measures respectively) despite over half of SMBs reporting regularly opening emails from unknown sources. As a result, 12.7% of SMBs surveyed reported having had personal/bank details or money stolen, and 8.5% had been hacked.

An anti virus solution is critical to protecting SMBs finances and reputation.  This kind of software can be installed on mobile phones, tablets and PCs and should incorporate Internet security for web browsing as well as firewalls and email and Instant Messenger defences. Neither can exercising good judgement be overestimated. 

Businesses must educate their staff about fraudulent emails; for example, to avoid responding to emails beginning with generic phrases such as "dear customer". Many spam emails use this format, which will never be used by legitimate sources which will know employees real names. Combining awareness with a robust anti-virus suite is the best way for SMBs to keep their ‘money window' safe.


Mike Foreman, Senior Vice President of Global Sales , AVG Technologies