Social engineering fraud and cybercrime. Top 10 tips on how small businesses can protect themselves and their employees

Here at the Broadstone Business Centre we care deeply about the security of our lovely office-renting and workshop-renting tenants in Broadstone – and ourselves!

Cybercrime is arguably the perfect crime. It can be conducted remotely (no physical access required), and it can be extremely difficult to track down the perpetrators. With the sheer amount of cybercrime that is occurring, police and related agencies are understandably overwhelmed.

Social engineering fraud is a type of scam that takes advantage of people’s trust and emotional vulnerabilities to obtain sensitive information, money, or access to restricted areas. It can be performed in various ways, such as phishing emails, fake phone calls, and the impersonation of trusted organizations or individuals.

Small businesses are particularly vulnerable to social engineering fraud because they often have limited resources and security measures in place, and their employees may be less aware of these scams. Therefore, it is crucial for small businesses to educate their employees and adopt effective measures to prevent such fraud.

Here are the top 10 tips on how small businesses can protect themselves from social engineering fraud:

  1. NEVER give out confidential or sensitive information over the phone unless you’re (more than!) 100% sure that the person you’re speaking with a) is who they say they are and b) absolutely needs to have it. If you have even 1% of doubt, DON’T DO IT. Put down the phone. Ask someone else, whom you trust, for their advice. So much better to be safe than sorry.
  2. Train employees: Educate employees on the different types of social engineering scams, such as phishing, vishing, and baiting, and how to identify them. Encourage them to report any suspicious activity or emails to the management.
  3. Use strong passwords: Require employees to use strong passwords and regularly change them. Enable multi-factor authentication for critical accounts and systems.
  4. Monitor activity: Regularly monitor the activity of employees’ email and computer systems for any suspicious behavior. Install anti-malware and anti-virus software to protect against cyber-attacks.
  5. Be cautious of unsolicited emails: Be cautious of unsolicited emails and never open attachments or click on links from unknown senders. Check the sender’s email address and the authenticity of the organization or individual before opening or responding to any emails.
  6. Verify requests: Verify any requests for sensitive information, such as passwords, Social Security numbers, or financial information, through multiple channels before providing it.
  7. Use secure networks: Use secure networks when accessing sensitive information or conducting financial transactions. Do not use public Wi-Fi or unsecured networks for confidential information.
  8. Keep software up to date: Keep all software and systems up to date with the latest security patches and updates.
  9. Regularly back up data: Regularly back up important data to prevent data loss in the event of a cyber-attack.
  10. Ensure that your bank accounts have sensibly low transfer limits that require trusted others (e.g. your partner or bookkeeper) to verify larger transfers before they can be processed.



Photo by Saksham Choudhary
