While some criminals may attempt to hack into a bank or other institutions to take our information, in some instances they can get it directly from us.
One of the most common is known as Phishing. In phishing an authentic looking email is sent perhaps stating that access to an account or subscription needs to be updated. A link redirects users to what appears to be the official website using maliciously registered or hacked domain names and victims unknowingly will provide personal information such as ID or passwords. In 2013 there were 72,758 phishing attacks worldwide.
Some phishing emails may have an attachment that installs a keylogger software to your pc that records every keystroke and then sends it back to the criminal.
While large corporations have set up departments within their IT organizations dedicated to prevent cyber crimes against their organizations small businesses are vulnerable to these attacks. But there are steps you can take to prevent from becoming a victim.
1) Beware of emails from unrecognized senders and/or emails that ask for personal information. Most organizations will not ask for your ID or password. If you have doubts you can always contact the organization by phone to verify an email is legitimate. (Never use a phone number from a suspicious email since it may be part of the phishing attempt)
2) Never click on links on emails or open attachments from emails from unrecognized senders. These can take you to alternate websites to gather your information or to install malicious sofware.
3) Make sure you have firewalls, spam filters, anti-virus and anti-spyware on your pc. This may prevent such emails or detect malicious software within the email.
4) Always check your accounts regularly. Always open a new web browser and type the web address. This will ensure that you land on the official website.
Preventive measures can help small businesses and their owners from ensuring that they are less likely to become victims of a cyber crime.