FTC Wants to Help Small Businesses Spot Cyber Scams

If you're a small business owner receiving Facebook messages about a business grant you've won, you might be the target of a cyber scam—and the Federal Trade Commission wants to make sure you don't fall victim.

FTC this week launched a new site designed to help small businesses protect themselves from cyberattack. They're often easy targets, especially because they don't have the financial resources larger organizations do to constantly monitor their networks, according to FTC. 

The Facebook scam, in which criminals posed as a recipient's friend to collect cellphone numbers, is just one example; the percentage of spear-phishing attempts directed at small businesses rose from 18 percent in 2011 to 43 percent in 2015, according to Symantec's threat report.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

The FTC site includes tips on detecting scams and video tutorials on how to fortify networks, among other strategies. The agency recommends small business owners and employees take extra care to update their software, back up files, create strong passwords and not leave their work-related devices out in public.

FTC also recommends businesses don't collect unnecessary information about customers.

"No one can steal what you don’t have," according to an FTC post. "When does your company ask people for sensitive information? Perhaps when they’re registering online or setting up a new account. When was the last time you looked at that process to make sure you really need everything you ask for?"

Other non-cyber scams directed at small businesses include fake invoices, in which employees might routinely pay a bogus company without verifying that money is really owed, and schemes in which criminals deliver supplies to a business, pressuring employees to sign for and pay for them even though the business hasn't ordered them.