Defending against scams: 5 basic steps for SMBs

Scammers employ various tactics, and recognising some common ones is the first step of defence against them.

As a business owner, you are likely to receive communications across various channels – email, SMS, WhatsApp and other messaging platforms. In every case, it is important to ensure that you are not tricked into revealing any sensitive information or taking actions that could compromise your business’ security.

Make it a point to verify the authenticity of all communications. For email, this could mean the basics such as checking the sender’s address to make sure the domain names are familiar or if not, legitimate and that there is no ask in the body of the email for revealing any sensitive information. For messaging apps, this could mean sticking to only encrypted communication channels such as WhatsApp or Telegram, especially for sensitive discussions. Even here, it is prudent to avoid sharing confidential information. 

It is important that everyone in the company is aware of these online scam tactics and the dangers that they pose. All it takes is one person who is unaware to be compromised into leaking sensitive business data or inadvertently giving scammers access to the company network.

Thus it is important to educate employees and train them regularly on the latest scam tactics. This could be in the form of workshops on recognising and reporting online scams using real-life examples and phishing scenario simulations; or in the form of company protocols and procedures for reporting unusual activities.

Since the scam techniques used are always evolving, it is important for SMB owners to keep themselves updated. Aside from reading news articles, you can also tap into your network and interact with other SMB owners. Learning from others' experiences can enhance your awareness and help fortify your business against evolving threats.

Look for industry events and conferences on cyber security to gain firsthand knowledge from experts. Singapore Business Federation (SBF) provides a platform for business networking, offering events and forums where SMBs can discuss challenges, including cyber security. Singapore Cybersecurity Consortium is another community which provides access to a network of cyber security professionals and events aimed at enhancing knowledge and collaboration in the field.  

Scams can also target SMBs to make transactions from their bank accounts. This is often in the form of scammers impersonating bank staff and targeting SMB owners or employees through phone calls or SMSes, asking for their credit card details.. In this case, you could lose valuable business revenue if precautions are not taken.

Make it mandatory for everyone in your team to adopt Multi-Factor Authentication (MFA) for all financial transactions and sensitive accounts, in addition to a strong password policy.

To add another layer of protection for your financial data against online scams, consider adopting advanced cyber security solutions. Ideally, these should involve real-time threat detection and protection in addition to firewalls and antivirus software. Singtel offers various cyber security solutions for SMBs, including Endpoint Security to secure your employees’ devices, Network Security to defend against advanced threats 24/7 as well as Cloud Protect for protection in a multi-cloud environment.