Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Small and Mid-Sized Businesses Unclear on Threats from Online Fraud

As the number of cyber attacks against businesses increases, the majority of small and medium-sized businesses (SMBs) are not familiar with many of the online threats they face.

A recent study of executives and finance professionals from SMBs across 38 industry sectors in the United States showed that 63 percent worry about cyber theft, yet lack knowledge on how to protect their businesses.

As the number of cyber attacks against businesses increases, the majority of small and medium-sized businesses (SMBs) are not familiar with many of the online threats they face.

A recent study of executives and finance professionals from SMBs across 38 industry sectors in the United States showed that 63 percent worry about cyber theft, yet lack knowledge on how to protect their businesses.

Conducted throughout January 2010, the independent survey released by Panda Security showed that despite highly publicized cyber attacks against businesses, most are not familiar with the banking Trojans used to attain access and steal from their online accounts. In addition, 11 percent of SMBs reported experiencing at least one incident of online fraud.

Businesses don’t appear to fully understand the financial impact these threats can have on their organizations. Sixty-three percent of organizations surveyed said they strongly or somewhat believed their bank would reimburse any funds lost resulting from online fraud. For those businesses that have been a victim of loss due to online fraud, only 37 percent said all of the stolen funds were actually returned.

“While online banking security is a general concern among most SMBs, most of them have little knowledge about the specific threats targeting organizations of their size,” said Sean-Paul Correll, threat researcher at PandaLabs. “In addition, U.S. law puts the burden on business owners for keeping funds secure, rather than the banks. The majority of SMBs surveyed weren’t aware of this fact, which means they are operating with a false sense of security.”

Other key findings from the study include:

o 58 percent of respondents do not have insurance to protect their business from banking fraud or identity theft, or are unsure if they have any protections in place.

o 64 percent of respondents have protective and/or procedural methods in place at their organizations to detect or prevent online banking fraud.

o 15 percent of respondents have not updated security software on all systems where online transactions are conducted or are unsure of the status of their security software altogether.

According to the study, 71 percent of SMBs are at least somewhat likely to implement new protective or procedural methods in the future to prevent online banking fraud.

Current Federal laws require banks to reimburse individuals for such occurrences, limiting the loss to $50 if the bank is notified within two business days. Business accounts, however, do not have these protections.

Written By

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Nation-State

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.