Skip Navigation
Documents in Portable Document Format (PDF) require Adobe Acrobat Reader 5.0 or higher to view, download Adobe® Acrobat Reader.

Cybersecurity Tips for Small Businesses

Protecting Your Company and Your Data

Man sitting at desk looking at notebook

As a small business owner, you have a lot on your plate. You are responsible for the success of your company, and that often includes wearing many different hats. One important responsibility that may not be at the top of your list is cybersecurity. However, protecting your company from cyberattacks is critical to safeguarding your company’s, employees', and customers' data.

Did you know that 61% of small businesses have experienced a cyberattack in the last year? (source: As a small business owner, it's important to be aware of the risks of cyberattacks and take steps to protect your company.

Never click on links in emails from unknown senders. This is how many cyberattacks are carried out. Attackers will often send phishing emails that appear to be from a legitimate company or individual. These emails often contain malicious links that, when clicked, can give the attacker access to your computer or network. Be sure to train your employees so they know not to click on any links in suspicious emails.

Looks for these Red Flags:

  • Grammatical errors in the message or sender’s email.
  • High pressure or urgent requests for sensitive information or a payment.
  • Spoofed email domains. This could be an email that appears to be from a known sender but has been slightly altered. For example: (notice the i has been replaced by a lowercase l).

Wire fraud is a common business scam. The scam typically includes a request for an immediate wire transfer of funds from, what appears to be, a trusted source. The pressure and sense of emergency is a manipulation tactic used to get you to lower your guard, overlook the red flags.

The scammer may be impersonating an executive or manager from a company you’re familiar with and may have even created a fake email account. Make sure you have a process in place to verify wire transfers and reach out to the source directly if you have questions via a verified email address or phone number.

Use strong passwords and change them regularly. Strong passwords should be at least eight characters long and include a mix of upper and lowercase letters, numbers, and special characters. Avoid using easily guessed words like "password" or your company name. Encourage your employees to change their passwords regularly, at least every three months.

Use multi-factor authentication. This can require the use of a temporary code or a token for an employee to access areas on the network that house sensitive information.

Install an antivirus program on all your company’s devices. This will help protect against malware and other malicious software that could compromise your system. Be sure to keep your antivirus program up to date so it can protect against the latest threats.

Encrypt your company devices. Ensure that only authorized individuals with the proper credentials can access your company’s devices.

By following these tips, you can help your company avoid cyberattacks. Protecting your company’s, employees', and customers' data is essential to keeping your business running smoothly. Train your employees on best practices for cybersecurity and be sure to implement strong security measures.

For additional Cybersecurity Tips for Small Business, visit the Federal Trade Commission’s resource center,

Phishing & Smishing scams
Treasury management Services
FraudEYE Alerts