Small to medium sized businesses have been big targets for scammers and cybercriminals for a long time with good reason. Small to medium sized businesses have much information about their customers and their employees that can be misused for purposes of identity theft and often are not as protected from cyberattacks as they should be. According to a study by security company Symantec 36% of all targeted cyberattacks have been made against businesses with fewer than 250 employees. This problem is made worse by the fact that according to the National Cyber Security Alliance 83% of small businesses have no formal cybersecurity plan and 69% have no plan at all.
Some of the steps I advise are installing Firewalls, installing security software and regularly updating it, training employees about proper security practices, better use of encryption, and using dual factor authentication when available. I also consult and give speeches to companies and trade groups about how to protect themselves from scams. If your company or trade group is interested in having me come to speak to you, you can reach me here at Scamicide.
The FTC has also recognized this problem and has now set up a new website that provides helpful information to small businesses about protecting themselves from cyberattacks. Here is a link to that website. https://www.ftc.gov/SmallBusiness