Top Cybersecurity Threats for 2023

Top Cybersecurity Threats for 2023

This New Year predicts some “oldies but baddies” that we all still need to watch for, along with some newer, more evolved, and dare we say, more efficient schemes.

As if Covid, the economy, and inflation have not made things difficult enough for small businesses, cybercriminals are now specifically preying on businesses that have become short staffed. Here is what to watch for this new year.

Attack of the Business Email

Business Email Compromise (BEC) is top of the list because it’s become extremely profitable for scammers. They send spoof emails that appear to be coming from the head of your company, a known vendor, or even a trusted co-worker. A typical scheme is “payroll diversion.” The scammer emails someone in payroll to update them on an employee’s direct deposit information. It looks legit, as it’s from the employee’s company email address. Other schemes are masquerading as a vendor you know, who sends an invoice via email with and updated mailing address. Or the company’s CEO emails an assistant to purchase gift cards.

The possibilities are limitless with BEC, but there are some telltale signs. Often the sender creates a sense of urgency, compelling the recipient to act immediately. There may be errors in the email, or multiple emails are sent. Some BEC frauds are easy to spot, most seem credible enough that it’s become a growing enterprise with criminals.

Malware + Ransomware

First they get malware into your system to take control. Then they take over your computer systems and hold your files hostage until you pay a ransom. This puts a business owner in a terrible position. But paying the ransom is no guarantee they’ll get their files back. Small business owners often pay up, which may get the files back but emboldens and enriches the criminal to do it again.

Pig Butchering Crypto Scams

This scam usually targets individuals, but companies should be aware of it because it could affect employees. It involves gaining someone’s trust via social media, and introducing them to a site where people invest in cryptocurrency. The target sees that others are making a killing off crypto and decides to try it with a small amount of money. The criminals generate a nice return for the target, encouraging a bigger investment. Once the victim invests a large sum of money (fattening the pig) they get butchered. The criminals drain the account and disappear.

The Phishing’s Not So Good Anymore

Phishing scams may be on a downward trend, just due to the fact that they were so prevalent people actually became wise to them. But do not let your guard down. They’re still out there, generally in the form of an email from a trusted party, with a link that is inviting to click. All employees should be trained to avoid links in email unless they are certain they’re from a legitimate source.

Cybercrimes on Mobile Devices

According to Verizon, mobile cyber crimes shot up 22% in 2022 with no slowing down. Businesses are now routinely using mobile devices to conduct business, and SMS-based authentication has become less secure. Businesses should use multi-factor authentication to protect their mobile security.

Scamming is Getting Easier

It’s now easier for less savvy criminals to get a payoff without getting caught. The advanced technologies and business structures created for legit businesses are now being used in the underworld.

AI Being Used by Scammers

With advances in AI (Artificial Intelligence), it’s much easier for a criminal to imitate real people with live deep fakes, tricking them into handing over sensitive files or financial information.

Cybercrime as a Service

Cybercriminals want to maximize profits like any legitimate business and have become so sophisticated that they offer their services to other criminals. We’re not joking. There are underground marketplaces that allow newbies to the cybercriminal underworld everything they need to wreak havoc on businesses and pay for it in crypto. They can purchase stolen credentials, credit card info, phishing start-up kits, turnkey malware, anything their evil hearts desire to defraud your business.

We’re Making Scamming Harder

As always, the best defense is a good offense. You need proper security measures in place, but also a vigilant team looking out for your interests. We make it our priority to keep our clients’ networks secure against all known threats, and stay up to speed on potential future threats. It costs so little to protect your business from cyber threats, especially when you consider how much even one small attack can cost in terms of lost revenue and reputation.

Give us a call and we can help you assess your vulnerability to cybercrime and show you how to avoid it.

Call 678-389-6200.