Cybersecurity hacks can happen with just a click… And with the rise of digital transactions in banking, it’s crucial for financial institutions, businesses, and consumers to be aware of the risks associated with every transaction. IBM’s latest cyberattack report found that data breaches in the US cost organizations an average of $9.44 million – double the global average. It was also highlighted that phishing attacks, business email compromise and vulnerabilities in third-party software are the top cyber threats.

Small businesses are important targets for cybercriminals as they typically lack the assets and cybersecurity measures of larger organizations. According to Accenture’s Cost of Cybercrime Study, 43% of cyberattacks target small businesses. For this reason, our top priority for commercial banks like ours is to protect our small business customers by providing them with the most up-to-date materials and regular cybersecurity check-ins. Executives across all industries should be on high alert as organizations’ digital footprints expand and centralized cybersecurity risks increase.

To avoid potential risks, many banks offer a range of products designed to help small businesses mitigate the risk of fraud and cyberattacks. For example, Positive Pay is one of our bank’s anti-fraud services, which aims to reduce the customer’s risk of suffering fraud through both electronic payments and paper checks. With this product, when checks are received for payment, the system will refer to the list uploaded by the customer. If a presented check matches the list, it will be paid automatically. If a presented check does not match or is not on the list, the customer will be prompted for verification. This counteracts attempted invoice forgery and collection attempts or unauthorized payments.


Banking resilience plays a critical role in protecting the finances of people and businesses. The FDIC’s latest 2022 Cybersecurity & Financial System Resilience Report emphasized their commitment to the security of their systems and privacy for the coming year. The report ultimately provides the banks with the policies and procedures to be followed that enable better protection against cyber threats.

With the month of October dedicated to cybersecurity awareness, it’s a good time for organizations to think about how they can improve their security infrastructure to avoid malicious attacks. Here are some suggestions for developing cyber threats.

1. Know your recipients and the risks involved with transfers

Bank transfers are an easy and quick way to send money to individuals and businesses, serving as an easy form of payment. However, note that once a transfer is sent, it is irreversible – so make sure you confirm who you are sending it to.


2. Think before you click

A slightly more obvious but common way for businesses to fall victim to a cyber threat is through suspicious links. The sender can claim to be someone from your bank, but it is most likely a scam. For many of us, our phones and other digital devices store a lot of sensitive information, so we should always be on the lookout for any unusual activity and ask ourselves, “Is this what I expect? Did I cause that? Does that make sense?” If you’re not sure, contact the company or person you think created the email.

3. who texts you

As technology is an integral part of our everyday lives and easy access to information is becoming increasingly desirable – pay attention to the news you receive. If someone texts you and asks you to sign up or provide information, it’s a scam. Look for the option in the messaging app you use to report junk or spam and send a screenshot of it to your carrier by texting it to 7726 (SPAM).

4. Sharing is not always important:

Do not send or enter any personally identifiable information that is sent to you via email or SMS. Personal information can include anything from your address and social security number (SSN) to your bank account number or password. You may also receive phone calls where a person asks you for information – remember that a legitimate institution will never solicit private information over the phone.


5. Make your p@$sw0rDs longer and stronger:

Weak passwords are still all too common, and the National Institutes of Standards and Technology (NIST) no longer recommend requiring special characters or mixing uppercase and lowercase letters. New guidelines state that length matters and accept a passphrase that is longer and stronger, even up to 64 characters. Opting for two-factor authentication is another recommendation.

Reduce the risk of your company

Building a strong and secure infrastructure to protect against cyber threats is vital not only to protecting the company’s bottom line but also its reputation. Business owners and executives should think carefully about who has access to sensitive data and resources, both internally and externally, and implement strong multi-factor authentication. Critical systems and endpoints should be hardened, and digital assets and data centers should be regularly scanned for vulnerabilities. After all, a company’s employees are often the last line of defense against fraud attempts, so offering ongoing education and training pays off for companies of all sizes.


Ultimately, companies should approach everything as if there were a risk and put processes in place for employees to follow. Be aware of the risks your business faces and train your employees to ensure they protect themselves and the business from cyberattacks as well.