Being a ‘small’ business doesn't mean you're hidden

Here’s just a few ways you can minimise the potential threat of a cyber security breach that could but both you and your customers in danger.

Imagine going about your routine for your business, you go to chase up overdue invoices by contacting those that owe money just for them to give you those few words that would cause major confusion.

“What do you mean I haven’t paid?”

With the rise of the internet, phones, and devices, people are becoming more connected than ever. But that makes our little ol’ New Zealand NOT so little anymore. The increase in both technology and globalisation has opened up cyber-security risks to small businesses that are unavoidable if you don’t act on your security now.

No longer is the email about a Nigerian prince something to laugh about.

Not so long ago small businesses in New Zealand had gone through a similar situation. Business and personal emails had been hacked and the hackers managed to get a hold of invoices that the owners were sending out through email via PDF attachments. They had copied these invoices, changed the bank account number on the invoice to their own account, re-sent these emails through the email address they just hacked and ran away with some free money.

Only just a few weeks ago we heard of clients who had been receiving emails from ‘fake/phish’ email addresses which mimicked
colleagues addresses. These emails were requesting payments to be made for ‘outstanding bills’ owing to suppliers and if the payments person was none the wiser the hackers would have gotten away with thousands of dollars.

So what can you do to prevent such a thing?

• Be proactive, not reactive. This means creating a hard password for your email address.
• Use ‘2 step verification’ whenever it is offered. A great way to remove the risk of someone using your login details.
• Do your invoicing through a tool that allows direct and secure invoicing such as “Xero invoices“.
• Keep up to date on scams by reading through Xero’s “Security noticeboard“.
• Read through the indicators of a scam email outlined by the IRD through their ‘Scam Alert‘ guidelines.
• Avoid clicking links for which you do not know the sender, or you had not asked for the link.
• Keep devices and computers up to date with anti-virus software; and
• Know WHO to go to for IT support if you ever need it.

Subscribe to our blog now so you get valuable insights and advice direct to your inbox.

Our mission is to support ambitious business owners to achieve their dream and thus improving the New Zealand economy one small business at a time. We think these insights are a step in that direction!