Regardless of how virulent the COVID-19 pandemic remains, most businesses are finding ways to generate revenue, mainly by relying more on digital technologies to engage customers. The challenge from a cybersecurity perspective is cybercriminals are closely tracking these efforts.
A survey of 173 small to medium-size business (SMB) owners conducted by the Electronic Transactions Association and The Strawhecker Group finds eight in ten SMBs that were closed at some point during the COVID-19 pandemic have reopened in some way. The survey also finds that the majority of SMBs (55%) are optimistic about their recovery.
The survey makes it clear that e-commerce is playing a bigger role than ever. Close to 40 percent of SMBs have seen an increase in e-commerce sales, with most seeing increases in e-commerce sales of 10 percent or more. The survey finds 64 percent of SMBs have implemented or added a new or additional sales channel or tactics. Plus, 52 percent of these SMBs are using e-commerce/online solutions, and 50 percent are using a delivery or mobile service.
Furthermore, among SMBs that accept debit and credit card payments, 48 percent have seen an increase in customers using or asking for contactless payments.
Overall, 61 percent of the SMBs surveyed reported that they were closed in some way during the pandemic. Of the four out of ten that did not close due to the pandemic, more of these SMBs are now reporting being open without restrictions, compared to March through May. The majority of these SMBs (77%) are now open and operating with restrictions like mask requirements and social distancing.
Attracting attention from cybercriminals
Naturally, an increase in digital business transformation activity is also attracting the wrong kind of attention. For example, Sift, a provider of e-commerce security tools, has identified 15 fraudsters in Russia with identical IP addresses, now dubbed Bargain Bear, that have worked together to test dozens of credit cards and digital wallets by posting fraudulent content listings on an e-commerce marketplace.
The report finds that using these fake listings the ring sold items to each other to vet stolen data, “negotiating” the costs of those items down so that the exchanges appeared more legitimate. This allowed Bargain Bear to test payment information that allowed them to later make much larger purchases. The attempted scam also sought to bolster the fraud ring’s legitimacy on the marketplace by having the “buyer” post positive reviews that were fake.
None of this activity is especially new. However, many SMBs tend to underestimate how much of that activity there is. As SMBs rely more on their websites to drive business, there’s usually a corresponding increase in the revenue moving through that sales channel. The more revenue flowing through a website, the more likely it is to attract individuals looking for opportunities to commit fraud by, for example, stealing credit card numbers.
It may be a while before most SMBs fully appreciate the nature of the threat. There could even be some backlash against digital business transformation as SMBs encounter more security issues. Like it or not, however, cybersecurity professionals should gear up now to help SMBs address these issues because there’s clearly no turning back now.
Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.