Eftsure Delves Into How Businesses Are Vulnerable to Cybercrime During the Holiday Shopping Season

Shoppers spent over $11 billion last year during Cyber Monday last year; numbers are expected to increase this year.

From Thanksgiving’s Black Friday through the New Year, holiday shopping is at its peak. According to a National Retail Federation forecast, this year promises to reach record spending levels between $957.3 billion and $966.6 billion, an increase of 3% and 4% from last year. The problem? Cybercriminals and scammers don’t take time off for the holidays. Businesses must be vigilant and reassess their vulnerabilities and safeguards.

All types of businesses can be targeted by cybercriminals, but small and medium enterprises (SMEs) may face higher risks. An AIC Report on Cybercrime found that SMEs were more likely to lose money to scams, given they are often time-poor and have fewer resources to dedicate to cyber defence as the need for robust, convenient, and user-friendly security solutions.  And an Eftsure survey found that one in five small businesses don’t use any anti-fraud controls before processing payments.

“Cyber-related losses often happen when you least expect them. And a single incident can be very damaging, both financially and reputationally,” said Mark Chazan, Eftsure’s Chief Executive Officer. 

Holiday Season: Vulnerability to Cybercrime  

Cybercriminals and scammers often target employees during busy periods, especially during the holiday season, using tactics like social engineering or BECs to capitalise on tired or time-poor workers. Meanwhile, AI is enabling greater sophistication in cybercrime. As a result, business owners need to strengthen cyber safeguards to combat potential fraud-related losses.

In gearing up for a hectic period like the holidays, business owners need additional safeguards, such as running staff security training and strengthening their financial control procedures. But that is only part of the solution. Businesses are vulnerable to cybercrime, especially during busy periods like the holidays, and need to bolster their cyber defenses with the right online protection. 

“Controls like segregation of duties mitigate the risks of tactics like business email compromise (BEC) attacks,” said Chazan. “They aren’t the only solutions, but organizations could be exposing themselves to unnecessary risk if anti-fraud controls aren’t robust enough.”

Chazan emphasized the need for organizational safeguards that do not solely depend on human abilities to recognize threats, especially with the growing sophistication of AI.  

“To protect their finances right now – and ensure that future investments pay off – leaders will need to bring accounting and cybersecurity approaches closer together under a unified cyber-crime strategy,” said Chazan. “This includes more frequent staff training, regularly pressure-testing your controls, embedding the right technology, and cultivating a broader security culture.” 

Six Steps Against Cybercrime

Employees are under pressure to complete requirements; it can lead to human error and simple mistakes, like clicking on a malicious link or opening a dangerous attachment.   

Cybercriminals use phishing attacks to get sensitive information via email or phone. They may access a company’s email system and impersonate staff members in BEC attacks. Or they create or modify invoices in an effort to get employees to make fraudulent payments.

Here are six steps to reduce the risk of cybercrime during busy periods like the holidays.

  • Always use two-factor authentication when possible
  • Use strong passwords and run regular training on other elements of security hygiene 
  • Independently verify supplier details before processing payments 
  • Ensure you’re using financial controls like segregation of duties, and then pressure-test them to see if they’re sufficient against phishing or impersonation emails 
  • Create a security culture in which employees feel comfortable to speak up if a message doesn’t look right or if they suspect they clicked on the wrong link 

The sixth step is critical – you need to make sure your business is using the right digital tools. Cybercriminals regularly leverage technology to try and defraud your business, but using your own technology solutions can help level the playing field – especially if solutions reduce the tedious, manual processes that are more vulnerable to human error or oversight. For instance, a payment protection solution like Eftsure offers security and automation for accounts payable and receivable, decreasing the risk of payment error, fraud, and cybercrime. 

Eftsure is helping businesses worldwide safeguard billions in payments with end-to-end B2B payment protection software to mitigate the risk of payment error, fraud, and cybercrime. For more information on cybersecurity, download Eftsure's newest Cybersecurity guide here: https://eftsure.com/en-au/guide/cybersecurity-guide-for-cfos-2023.

About Eftsure

Eftsure is a market leader in payment fraud prevention. Specifically designed for businesses, our end-to-end solution safeguards more than $216B in B2B payments per year. Our mission is to build a safer business community. With a large and continuously growing database of verified supplier details (the only one of its kind), we use multi-factor verification to give businesses greater knowledge and control over onboarding suppliers, receiving invoices, and making payments. In short, we ensure our customers never pay the wrong people.  

Source: Eftsure

Share:


Tags: ​ Accounts Payable​, ​ Risk Mitigation​, Cyber Crime, Eftsure​, Risk Management


About Eftsure

View Website or Media Room

Eftsure is Australia's market leader in payment fraud prevention. Specifically designed for businesses, our end-to-end solution safeguards more than $180b in B2B payments per year. Our mission is to build a safer business community.

Jessica Lombao
Media Advantage Account Manager, Eftsure
Eftsure
9/177 Pacific Highway
North Sydney, NSW 2060
Australia