Data theft has become a business in itself. Recently, cyber criminals have been selling stolen user data for large amounts of money. Granted, the prices of personal identifiable information (PII) including user names, addresses, and social media security numbers has reduced to just $1 per item, down from $4 per item in 2014, reports CNBC. However, cyber criminals are still making a lot of money from bank account details with some accounts attracting as much as $500 each. PayPal and EBay accounts are the two others that fetch good money on the "dark web" with a complete set of account logins selling for at least $300.
If you're a digital entrepreneur, you're likely to have most of, if not all, of these accounts. This makes you a prime target for cyber criminals. If they can penetrate your systems, they'd be able to get away with not only your business financial information but the information of your customers too!
Can you avoid being a target? No. What you can do however, is to make yourself a "hard" target. Here are a few tips from Business ID Theft on how to do this;
- Protect your business bank accounts from fraud
Under the Uniform Commercial Code (UCC) that governs business/commercial banks, businesses are less protected yet have higher liability for fraud than consumer bankers. You need to know your bank's reporting requirements so that you can report any fraud incidences promptly.
If you accept wire transfer, beware that it’s one of the most notorious avenues for fraud. The problem is usually worsened by the fact that wire transfer transactions occur quickly which may not give you a chance to catch the fraudsters. To protect your bank accounts, utilize two-factor authentication. Also known as dual-control authorization, this strategy requires two-party approval for the transaction to be approved. Even if a third party were to initiate the transaction, the fact that a second party is needed to complete the transaction acts as an added layer of protection.
- Beware of phishing scams
You can beat the cyber criminals at their own game by simply rejecting any messages that require you to "verify" your personal or financial information via email. The government, the IRS, and all legitimate financial institutions are aware of the risk of divulging such critical information online and will never ask you to do that. Therefore, if you or any of your employees receive a suspicious email, do NOT open it. Instead, notify your bank or financial services provider of the incident and they will help.
- Protect your business information
The first step here is to protect you business EIN to the best of your ability. If you need to provide the EIN whether for taxation purposes or wage reporting, beware that there could be thieves watching over.
When it comes to business documents and records, keep them safe in a secure location, away from the reach of unauthorized persons. For old documents that may no longer be useful to the organization, shred them securely using cross-cut, diamond cut, or confetti cut shredder.
Start by restricting the use of your business computers to business activities. Casual surfing, unauthorized access to social media networks, random download of programs, and online gaming should be forbidden.
To better secure your network, install an antivirus software/antispyware program. More importantly, ensure that the program is up-to-date and that it is always actively scanning the entire system and network to detect any potential threats.
If after implementing all these measures you still suffer an attack, contact a criminal defense lawyer that deals in computer crimes.