Small business owners are prime targets for phishing scams, as their personal business information and the information of their customers are worth a great deal of money to fraudsters. Online fraud has risen considerably within recent years, and the emergence of EMV will only continue to increase this.  As a result, it is important for small business owners to always be alert and take security precautions online to safeguard against cyber criminals. 


Here are some tips on how small businesses can identify and protect themselves from phishing emails: 


What Is Phishing?
Phishing is a tactic cyber criminals use to gather confidential information with deceptive websites and e-mails. Cyber criminals will send out an e-mail disguised as a legitimate business, a bank, or as a friend. Typically, phishing e-mails require the user to take action, such as opening an attachment or clicking on a malicious website link. Cyber criminals will create these e-mails to be extremely convincing by including logos of businesses, contact information, or shipping/tracking information. 


Once the phishing e-mails are formed, cyber criminals will then send them to millions of people worldwide. The more e-mails they send, the more people cyber criminals can target and hack. 


What Is Spear Phishing?
Spear phishing is similar to phishing, but instead of distributing random e-mails to millions of possible victims, cyber attackers send specific targeted messages to just a few individuals. With spear phishing, cyber criminals will research potential targets through their personal social media pages or messages they have posted on other websites or blogs. With this research, cyber criminals formulate a highly customized e-mail that looks relevant to the planned targets.


To help protect small businesses from becoming victim of phishing e-mails, here are several steps a small business owner should incorporate: 


  • Be wary of any e-mail that sounds too good to be true. If the e-mail is promising $1,000,000, it likely is a scam.
  • Be leery of attachments within e-mails and only download items that are expected.
  • Be suspicious of e-mails that require immediate action. This is a common method to urge people enter in personal data and fall victim to fraud.
  • Check the e-mail addresses to see if they appear to come from a legitimate company. If the e-mail is coming from a personal account, such as or, it more than likely is a scam.
  • Be cautious of e-mails addressed as “Dear Customer” or uses another form of generic greeting. Most reputable companies will address a user by their first and last name to prove they are authentic.
  • Take note of any grammatical or spelling mistakes, as most businesses proofread their e-mails before they are sent out.
  • Be cautious about unexpected e-mails from family or friends. Their computer could have become infected and is sending malicious e-mails on their behalf. If the e-mail looks suspicious, call them on the phone to determine if they sent the e-mail. 


The battle against fraud is challenging, and it is essential that small businesses recognize all they can do to protect their business against cyber criminals. To reduce exposure, small business owners should take the time to confirm any e-mails were sent from a trusted source and follow the above recommendations to ensure they have the maximum security possible.