Small Business Saturday is the perfect opportunity for customers to explore local or regional small businesses, support their local economy, and get to know the businesses within their community.
Right after Thanksgiving, Small Business Saturday kicks off the busiest shopping season of the year. As the shopping holiday rapidly approaches, businesses everywhere are doing everything they can to prepare for and contend with the ongoing challenges brought on by the pandemic.
This year, Small Business Saturday is a chance to support and champion businesses hit hardest during 2020. Brick-and-mortar small businesses rely on foot traffic and in-person customer interactions. This year, they have already had to pivot, change, and transform their business models to meet customers where they are now — at home. Small businesses have increased their website capabilities, adopted curb-side pick ups, or partnered with larger delivery services to connect to their customers.
As these new business avenues have been adopted, additional marketing and customer engagement programs have been set in motion. Local shops have expanded their online presence with email marketing campaigns, created larger online presences and experimented with increased digital advertising. With these adaptations, there are also greater risks for being a cyber crime target. For a smart small business, preparing for the holiday shopping season also means reassessing and reaffirming cybersecurity posture.
Phishing scams during the holiday shopping season are almost a given. Phishing emails can range from a fraudulent email sent by a business owner to an employee asking for personal data verification or a malicious email disguised as a promotional offer to customers. These emails often include small clues like misspelled email addresses or mismatching url destinations.
While it can be tempting to look at cyber crime as a distant problem or one that is more likely to happen to a larger enterprise, the reality is that small businesses are as frequently the target of cyber crime. This can wreak havoc in a number of ways from leaking customer data and damaging customer trust to even debilitating critical business operations. Phishing attacks are just one of the most common and simple ways that a potential bad actor could cripple an otherwise healthy business.
Phishing attacks can generally be spotted with some fundamental “basics” on what to look out for that can significantly help businesses, their employees, and their customers identify fake emails and questionable notices in their inbox. Businesses should always be encouraging a security-oriented workforce, but for employees in customer-facing roles during the busiest time of year, it can pay to be especially vigilant. Some of the most important clues to watch out for are:
- Email address comes from a “trustworthy” source: Phishing emails often appeal to a sense of authority. These emails can often attempt to trick small business owners by imitating the address of a government agency or financial service, but can even imitate common companies, most especially Google and Amazon.
- Makes an urgent appeal: Does the email make reference to an emergency? Does it call for immediate, quick action or a set of tasks? Demanding requests are created to distract the reader. Making the task seem necessary is designed to cast doubt for preoccupied readers who may have otherwise noticed the signs of a false email.
- Uncommon internal requests: Is this email coming from someone you do not normally work with, especially an executive? Employees should be trained to be vigilant for emails like this, which can imitate the business owner to hide the email’s true intentions and make an employee reluctant to refuse to comply. Small businesses can alleviate this by making clear to their employees the usual chain of command in everyday operations.
- Random misspellings of common words: One subtle sign of a suspicious email is the tendency to use words which are commonly misspelled, to give the phishing email a human touch.
Small Business Saturday is a great way to encourage communities to shop locally or with specialized online retailers, especially this year as small businesses have been hit the hardest with the coronavirus pandemic. As small businesses are working to meet the demands of their customers, and reach new customers with online advertising and partnerships, they must be aware of cyber criminals lurking in the dark. Preparing employees to quickly identify and report suspicious emails can go a long way to support other network security policies in place.
With the proper tools in place to defend the network and a strong culture of cybersecurity at the individual employee level, small businesses can drastically reduce their risk of attack and be better prepared to expand their online operations for a healthy and secure holiday season.