Rising Phishing Scams Impact Small Businesses Relying on Social Media

Small businesses that rely on social media giants like Facebook and Instagram for customer engagement and growth are at risk of cyberattacks by hackers leveraging phishing scams and cyber extortion techniques.

Entrepreneurs such as Pat Bennett, who drove half of her granola business’s sales through Instagram, found herself ensnared in a cyberattack. Through what seemed like a harmless message from a known contact, Bennett lost access to her Instagram and Facebook accounts. She remains locked out despite her best efforts using Meta’s recommended channels. Her ordeal exemplifies the heightened risk small businesses face, especially when a large chunk of their sales relies on these platforms.

Recent surveys by CNBC reveal a worrying trend. Many small business owners are not adequately assessing the cyber risks they face. Yet, in 2021 alone, the FBI’s Internet Crime Complaint Center received 847,376 complaints concerning cyberattacks, with small businesses suffering the brunt and almost $7 billion in losses.

However, the response from tech behemoths like Meta seems underwhelming. Though Meta cites its ongoing efforts to combat malware and “threat actors,” small businesses argue they’ve not received adequate assistance in tackling the issue.

Joseph Steinberg, a cybersecurity and AI expert, stresses the ease with which criminals exploit small businesses on social media, viewing them as “low hanging fruit.” His sentiments are echoed by Bryan Palma, CEO at Trellix, who notes a rise in cybercrimes aimed at platforms like Instagram and YouTube, with some criminals targeting profiles boasting more than 50,000 followers.

The modus operandi varies, but the intent remains malicious. Criminals might mimic official Instagram or Meta communications, luring business owners into revealing their login credentials, as Cai Dixon discovered when she lost access to her thriving Facebook group of 300,000 followers.

Greg Hatcher, founder of White Knight Labs, highlights the disproportionate challenge small businesses face compared to corporate giants in warding off cyberattacks. Reports by Barracuda, a cloud security company, underline this, noting that smaller companies experienced 350% more social engineering attacks than their larger counterparts in 2021.

Despite the grim picture, all is not lost. Experts recommend leveraging security features already provided by social platforms, like two-factor authentication, and adopting business password managers. Cyber hygiene, with robust password policies and vigilance, can also reduce vulnerabilities.

Yet, as the virtual world expands and its regulations remain lax, calls for more robust cybersecurity infrastructure grow louder. Jen Easterly, CISA director, has urged technology companies to prioritize product security. For now, though, small businesses are encouraged to take proactive measures, remain vigilant, and utilize resources like the Identity Theft Resource Center when faced with cyber threats.

Image: Envato Elements

Joshua Sophy Joshua Sophy is the Editor for Small Business Trends and has been a member of the team for 16 years. A professional journalist with 20 years of experience in traditional media and online media, he attended Waynesburg University and is a member of the Society of Professional Journalists. He has held roles of reporter, editor and publisher, having founded his own local newspaper, the Pottsville Free Press.