Since the COVID-19 pandemic began, Elavon Europe customers have seen a large increase in attempted cyberattacks on their systems. That’s why we continue to work with trusted security partners such as SRM Solutions and Foregenix to keep you and your customers’ payments data safe – but if you run a business, you need to play your part as well.
You’re a small business owner - perhaps a bookseller or a florist – and you’ve set up an online store to capture new customers, or offer regular customers a convenient way to buy.
You’ve bought an off-the-shelf online store, a cheap one that does the job, or a plug-in for your existing website that allows you to take online payments.
Your business is doing well, and your online sales are increasing year after year.
Then you get a call from your acquiring bank – your website has been breached, and your customer data has been stolen.
This wasn’t just a smash-and-grab transaction by a teenaged hacker in his bedroom. This was a slow burning theft committed over a number of weeks by a sophisticated organised criminal gang in perhaps Russia or China.
Panic ensures – how could this happen? You bought your online set-up from a reputable company. You’ve been vigilant, haven’t you?
Unfortunately, most data breaches of this sort happen to small businesses. And 60% of those businesses go under within six months [1] because of remediation costs and fines, if not reputational damage.
And what about your customer data – where does that end up? Most of it ends up being sold on the dark web, in an online supermarket of sorts alongside drugs and child pornography. Your customers’ have had their bank accounts raided, and your business is to blame.
It sounds harsh but this is the reality when a business – of any size – fails to invest both money and resources in data security.
Protecting your business online is essential in the digital age, says SRM Solutions’ Alan Batey.
“A lot of smaller merchants think ‘if it’s not broken, don’t fix it’, but that thinking needs to change.
“They are either ignorant of the risk to their business, or don’t want to pay for developers to patch their website. And an unpatched website is a vulnerable website.”
Alan says one of the worst cases he has seen was when a merchant had a spreadsheet containing the credit card details of 8000 customers saved to their desktop. The computer was hacked via their online store, the file stolen, and the data likely sold online to the highest bidder.
“Cybercriminals are not compassionate. They don’t care what the consequences are for you because of a data breach,” Alan says.
Foregenix’s Ryan Marshall says small business owners are often overlooking the fundamentals of data security, such as changing passwords regularly, and using multifactor authentication to login.
He says there is a need to be proactive rather than reactive to deter cybercriminals from any low-hanging fruit.
“Business owners should be doing their own due diligence, such as making a small payment through their own website as a customer would to see if there are any red flags.
“At the end of the day, hackers are not looking for a challenge. It’s a bang for buck business – get in, and get out with as much as you can.
“As long as you are more secure than other businesses, you’re better off.”
Sources:
[1] Inc. – May 2020