Protecting Small Businesses from Cyberattacks This Holiday Season

(Family Features) There’s no shortage of concerns that keep small business owners up at night and the holiday season doesn’t offer any reprieve between supply chain issues, labor challenges and COVID-19 variants.

Add another worry to that list: cyberattacks.

Cyber criminals take advantage of the holidays to attack both businesses and consumers while cybersecurity is often overlooked.

According to a report from the Identity Theft Resource Center, 58% of small businesses have experienced at least one security or data breach. Recovering from a breach can be expensive with 60% of small businesses paying $250,000-$1 million to cover the costs.

“Many business owners think a cyberattack won’t happen to them, but the threat is very real,” said Amy Geiger, Huntington National Bank’s Chief Security Officer. “An attack can be devastating, so it’s important to have a plan in place and make sure employees know how they can do their part in keeping your business safe.”

Consider these simple steps you can take to protect your business this holiday season.

1. Be aware of common threats

The methods cybercriminals use to attack businesses are constantly evolving, so it is important to be aware of the most common types of attempts.

  • Social engineering: A technique criminals use to trick people into revealing confidential information, such as account details, passwords, personal details (like birthdates, Social Security Numbers, etc.) or key financial information.
  • Phishing: A type of social engineering attack where criminals send an email to trick someone into believing they are someone else to learn sensitive information about the victim or infect a machine with malware, viruses or ransomware. The content in phishing emails often involves an urgent need to get the potential victim to act quickly without thinking.
  • Vishing and smishing: Similar to a phishing attack, except the attacker uses a phone call or text message to attempt to gain money or information. These calls and messages may appear to be from familiar names and numbers.

2. Train employees on best practices

People are the first line of defense against cyberattacks. It’s important to have an educated team that practices a healthy dose of skepticism when they receive emails or phone calls, especially from unknown sources. Consider these precautions employees can take to help prevent attacks:

  • Avoid opening links or attachments on emails unless they are expected.
  • Don’t click on links from unknown sources and delete suspicious emails. On many systems, hover the mouse over a link without clicking it to display the link’s full path, which can help determine if a link is legitimate.
  • When on the phone, always confirm who you are talking to and never provide personal or sensitive information. Caller-ID can be spoofed, so be careful if you did not place the call.
  • Use strong passwords and separate passwords for different accounts.
  • Remember financial institutions will never reach out to request personal information, such as account numbers, passwords or one-time codes.

3. Bolster security

Having safeguards in place on computer operating systems and applications is critical. Ensure antivirus, malware protection and email security software are in place, active and current. Don’t forget to regularly back up data on computers.

4. Rely on experts

You don’t have to go at this alone. There are many educational resources available to businesses of all sizes. The Small Business Administration (SBA) has an online hub that offers cybersecurity education, planning and assessment tools and best practices for preventing cyberattacks.

Your bank may also offer cybersecurity tools and information. For example, Huntington Bank has a team of experts and suite of fraud mitigation tools to help protect businesses. Building on its position as the nation’s No. 1 Small Business Administration (SBA) 7(a) lender by volume, the bank also offers Huntington Lift Local Business, a small business lending program focused on serving minority, women and veteran-owned businesses offering free education throughout the life of the business.

To learn more about cybersecurity tools, best practices and resources to protect your organization, visit

Photo courtesy of Adobe Stock


Huntington Bank