top of page
Writer's pictureRachel Thompson

Small businesses are at risk on Black Friday

The National Cyber Security Centre (NCSC) has this month launched a campaign focused on enhancing online security during the Black Friday and Cyber Monday weekend of 24-27 November.



Don’t become a statistic


During last year’s festive shopping period, over £10 million was lost to cyber criminals.


This year, experts are encouraging users to increase their vigilance as online fraudsters are likely to use artificial intelligence (AI) to increase the perceived legitimacy of their scams.


The National Cyber Security Centre (NCSC) warns that AI can help cyber criminals to produce more accurate and professional looking content intended to dupe victims into giving away their financial details or download malware on an increasingly large scale. However, many of the typical hallmarks of a scam remain the same:


  • Urgency: Are you told you only have a limited time to respond? Criminals often threaten negative consequences or costs.

  • Scarcity: Is the message offering something in short supply? Fear of missing out on a good deal can make you respond quickly.

  • Current events, such as Black Friday: Criminals will often exploit current news stories or specific times of year to make their scam seem more relevant.


Much of this advice and guidance applies to both shoppers and small business owners. In 2021, over 4000 online shops were identified by the NCSC as being targets for ‘skimming’, which is where hackers exploit a vulnerability in software used at the checkout page to divert payments and steal details of unsuspecting customers.


If you run a small online business, it’s critical that you ensure your software is up to date and your site is secure. Ecommerce businesses, and the data that they hold on their customers are of particular interest to cyber criminals. During a peak sales period like Black Friday and the run up to Christmas, cyber attacks become more common which can often result in websites going offline altogether, resulting in a loss of sales and frustrated customers.


If you’re not sure where to begin with site security, or you need a site audit, please contact the North West Cyber Resilience Centre or view our guidance for keeping your small business secure.


Cyber Security Checklist




In the run up to the festive period, we know it’s busy and often your attention can be diverted by deadlines. Unfortunately, that’s when cyber criminals are most likely to strike. So how can you protect yourself and your customers during this time?


There are a few simple steps that you can take to quickly protect your own systems and data, and protect those of your customers, clients and supply chain.


  • Create a backup of your data in the cloud

  • Keep a separate offline backup updated

  • Enable two-factor authentication on all of your accounts

  • Keep your OS, apps and browsers updated

  • Enable your anti-virus software and firewall, check for updates

  • Review your passwords and password manager

  • Report any phishing emails to report@phishing.gov.uk


As cyber attacks on small businesses increase, so must your vigilance and training. Talk to the North West Cyber Resilience Centre team today to find out how we can support your business.




Comments


How can we support your business?

Phishing 292 x 219px.png

Raise your staff's awareness of phishing emails and guard your business against the growing trend of social-engineering threats.

 

Training your employees on what a phishing attack looks like makes them more likely to identify and report scams.

security awareness training.png

Our training package is designed and delivered by cyber experts giving you access to the most up-to-date information in an ever-changing cyber landscape.

You can purchase single-place training spots or a cyber security workshop.

Community Members

Our premium membership package is aimed at medium-sized businesses and includes bespoke security awareness training sessions.

 

This allows your business to train several cyber security champions and an assessment of your cyber risk. 

bottom of page