There have been multiple ocassion where a business has fallen prey to cyber attack especially data centric companies. You must have also come across banks, online companies like Uber, TalkTalk, Equifax, Yahoo etc falling to online hacks. In India, many young generations have developed their own startups, and the there is constant rise in SMEs industry. Hence, the chances of getting hacked are quite high. An entity or a group of people hack a business in order to create a fraud hampering both the business and the customers. There is nothing safe when a fraud occurs  especially in a common man's life who loses bigger than a company. Thereby, it is also the responsibility of business to make sure they reduce the cyber threat making their operations free of fraud.  However, the widespread media attention should not lull small businesses into thinking that they are immune and have somehow managed to skip the notice of online hackers.

COMMERCIAL BREAK
SCROLL TO CONTINUE READING

Sirish Kumar, Founder and CEO says, O'ftentimes, the easy-going or laissez faire approach adopted by small businesses is a factor in their falling victim to opportunistic hackers. When it comes to fighting online fraud, all of us must continuously keep our guard up. In fact, while a laidback attitude – or a lack of technical know-how – may keep the small and medium enterprises from exploring their cyber-security options, the same makes them an easy target for fraudulent activity online."

According to Kumar, Online fraud comes in a number of guises, and from a number of directions – but whether the attack is aiming for the theft of data, or to defraud the business of revenue, the damages can lead to not only a loss of handsome business revenue but also the overall repute and trust of the customers. In fact, the analyst firm KPMG’s survey of small and medium sized enterprises reveals exactly the same, with 89% of businesses agreeing to facing a damage to their repute and 30% admitting severed bonds with their clients as an aftermath of the online fraud.

Guarding against cyber-attacks

Owing to weaknesses in their systems and IT infrastructure, small businesses are vulnerable to a number of common types of cyber-attack, such as ransomware, malware, phishing scams, DDoS attacks, and data dumping. While ransomware is malicious software targeted to extract a ransom from businesses with the threat of publishing sensitive data or preventing access to vital applications, commonly attackers send out phishing scams, or carry out DDoS attacks in bulk, in order to maximise their chances of making a quick buck.

It goes without saying that SMEs must stay vigilant against online frauds. Here’s listing some of the fundamental security measures that any business can (and should) take to actively ward off typical malware, phishing scams, or DDoS attacks:

  • Keep strong passwords that are not easy to guess
  • Opt for reliable anti-virus software and update it regularly
  • Exercise controlled access for employees and have strong access rules in place
  • Establish a strong, ethical, and anti-fraud culture. Design strong policies and communicate the same effectively to all employees.
  • Remove any accounts that are no longer in use, for instance the accounts of employees no longer working in the organization
  • Require any device connected to the internet to have an active firewall
  • While using hosted services, use two-factor authentication when logging in
  • Use the most updated version of software and programs

Guarding against online payment frauds

Online merchants need to also be prepared against the ever-present risk of online payment frauds. The scenario goes like this: a fraudster that has access to the card details of a genuine customer uses these to make a purchase on the online merchant’s website. When the genuine customer sees that their card has been used to make a purchase without their consent, they raise the alarm with their bank, and if the bank agrees that the transaction is fraudulent, the online merchant would have to return the money to the customer. At the same time, they may have already delivered the goods to a sneak online thief, and so the online business suffers a double hit: a loss of income and a loss of reputation.

The other side of this coin, though, is when genuine customers attempt to make a purchase on the online merchant’s site, but the transaction is incorrectly viewed as fraudulent and so it is declined. This can happen when online merchants are not using an antifraud solution with a sufficient level of intelligence, which unnecessarily flags genuine transactions as fraudulent. As a result, merchants not only miss out on genuine revenue but also suffer a loss of reputation, as their customer had had to endure an unpleasant experience.

The most effective way to avoid this predicament, with its two-pronged impact on both revenue and reputation, is for the online merchant to opt for a payment gateway that has a proprietary antifraud solution and puts this at the centre of their offering. Look carefully at the antifraud software provided by the payment gateways, as a sophisticated antifraud solution can make a significant difference to a business’ revenue. The best solutions, which will likely be developed in-house by the payment service provider, optimise revenue without impacting customer experience – minimising fraudulent transactions, and safeguarding the overall reputation of an online business.