How Small Businesses Defend Against Fraud

A new survey shows small business owners recognize cyber attacks as a threat to their business, with most taking similar steps to protect themselves and their customers.

By Chris Higdon

Small businesses were once just a blip on hackers’ radar, but now they’re among the primary targets.

Both large and small businesses face the same type of cyber threats, but larger businesses typically have bigger budgets and more expertise to defend against those threats. Because of this, hackers are seeing small businesses as easier targets and over the last five years have shifted their focus to this group. But small business owners, too, are taking steps to fight back.

The fall 2016 PNC Economic Outlook Survey shows small- and mid-size business owners across the country are concerned about cyber fraud, with 89 percent taking at least one precaution against it. According to the survey, the most common precaution is using antivirus/antispyware software with regular updates. Other common methods include regularly backing up important data, using a firewall and encrypting information.

These methods are paying off, as just one in 10 survey respondents report they have been the victim of an information security breach. That’s encouraging news for small business owners and customers, but not a reason to let down your guard.

use two people to review transactions
Use two people to review banking transactions to help identify unusual activity

Technology: A Double-Edged Sword

Small business owners increasingly turn to technology to increase speed and efficiency for themselves and their customers. When asked about use of business banking services, 57 percent of survey respondents say they use online bill pay instead of paper checks. This was followed by remote deposit and business credit cards.

These services provide business owners a new level of convenience, but owners also must protect sensitive data for their business and their customers

What are some steps small business owners can take to reduce their risk of cyber fraud?:

  1. Be wary of email attachments from unfamiliar senders or unexpected files from colleagues. Hackers often impersonate colleagues. These attachments can contain damaging malware, like ransom ware or banking Trojans.
  2. Use a dedicated device for banking transactions to protect your account or card number, login information and customer data. Limiting your access to one device helps your bank learn your habits and identify unusual account access.
  3. Verify transaction details face-to-face or by phone. Don’t rely on electronic communication; and
  4. Make sure two different people review transactions. This will help to mitigate employee fraud and help identify any unusual activity.

Chris Higdon is a fraud systems specialist in PNC’s Enterprise Fraud Group.


Want to see the full results of the fall 2016 Economic Outlook Survey?

Visit our media room »

Test your online safety knowledge »


Chris Higdon
Chris Higdon says small businesses can be more vulnerable to cyber attacks if they don’t take precautions

Question Suspicious Email

Fraudsters have a variety of tools to manipulate email. Always check the following:

  • Reply address – After hitting reply, check that the email address is correct and has not changed.
  • Spelling – Fraudsters often imitate a colleague’s address, but with an incorrect spelling.
  • Attachments – Be cautious when opening attachments, especially if they’re from an unfamiliar sender.

PNC Point of View
Real People. Real Perspective. Real Insights.
Read more POV Stories »