Why are Cybercriminals Targeting SMBs with Email Attacks

By Carla Barata • April 12, 2019

Every day, Small and Medium-sized Businesses (SMBs) face the fact that cyber attacks, ransomware and the dangers of the Internet of Things (IoT) are looming and always put to the test their ability to protect their information assets.Recent data shows that SMBs are actually the big victims of cyber attacks. They are worthwhile for hackers because, unlike larger organizations, they don’t have the resources, personnel, or budget, or their amount of data. What they have is a valuable business data that can lead cybercriminals to larger companies via unprotected connections.

Whether you're a small business owner or you manage an IT department at an SMBs, it's important to know the number one tactic used to target SMBs is Email, which are the main statistics of cyber attacks that are hitting, what type of attacks and, most importantly, how you can protect your company.

SMBs Can Lead Cybercriminals to Larger Companies

All the smaller and medium-sized businesses connect in some way to larger companies. Cybercriminals know that they can explore smaller firms as a gateway for attacking larger ones, exploring vendor supply chains.

The Number One Tactic is Email To Target SMBs

That doesn’t necessarily need to be right for you, but the vast majority of SMBs doesn’t worry about Email as the prime vehicle for attacking SMBs, namely to deploy Ransomware.

You’ve probably heard about ransomware by now, but you might not have heard that cybercriminals mostly use ransomware on regular people and smaller businesses.

The main thing about ransomware is that it’s most successful with those who feel that they have no option but to accept what the ransom message says. Hackers are well aware that regular people and smaller businesses usually don’t have a way to deal with these attacks, which is why they target them.

The Stats behind targeting SMBs

According to Ponemon Institute in the 2017 State of Cybersecurity in SMBs:

  • 61% of the respondents reported that they’ve experienced a cyber attack;
  • 54% had data breaches involving customer and employee information;
  • 52% say their companies experienced a ransomware attack;
  • 48% say the type of attacks were phishing/social engineering;
  • Additionally, more than half of companies with 1,000 or fewer employees have been a target of a cyber attack.

Another study states that some 43% of all attacks are at small businesses.  In the end, it’s worth remembering that around 60% of SMBs close down within six months after experiencing a breach.

Despite these numbers, many SMBs still believe they are not the target which results in most don't know how to protect or don’t have adequate email security and cybersecurity protection in general.

How to Protect Your Company

Ransomware and other forms of email attacks can be prevented not only with excellent email security software but also with training. The software cannot protect you if everyone in your company doesn’t know how to protect themselves from email attacks.

They need education on how these attacks function, but also on how to be vigilant. They need to be careful with each email and to avoid clicking suspicious links, even if they seemingly look normal and as if coming from a legitimate source. In the end, they should read up on more tips and advices on how to protect themselves.

It mostly stems from the fact that SMBs are usually the easiest targets for cybercriminals. They know that these types of companies either have less sophisticated methods of protection or don’t care enough about cybersecurity, which gets them to target most of their email attacks at them.

Avoid being an easy target by having quality software installed, using a firewall, antivirus systems, and two-factor authentication among others.

Learn how email security powered by AnubisNetworks can provide ransomware/malware protection to SMBs. Try it for free now!

Free Trial Mail Protection System