Survey: Most SMBs Lacking Knowledge To Protect Against Online Fraud

Despite highly publicized cybercriminal attacks against businesses and the ongoing rise of malware perpetrated through schemes such as the Mariposa botnet recently dismantled by Panda Security and others, the majority of small and medium-sized businesses are not familiar with the banking Trojans used to attain access to and steal from their online accounts.

In addition, 11 percent of SMBs reported experiencing at least one incident of online fraud These statistics are some of the key findings from an independent survey released recently by Panda Security of more than 300 executives and finance professionals from SMBs across 38 industry sectors in the United States.

Conducted throughout January, the study found that 52 percent of those surveyed had little or no familiarity with banking Trojans, the criminal software used to facilitate unauthorized access to a user's online banking account. Despite the lack of understanding about malware threats, the majority of respondents (63 percent) remain concerned about online banking fraud or identity theft in their organizations.

The study also revealed a big gap between what businesses expect in the way of reimbursement from banks resulting from online fraud versus what funds are actually returned. Sixty-three percent said they strongly or somewhat believed their bank would return all of the funds to their possession. In stark contrast to this perception, only 37 percent of the victims said all of the stolen funds were actually returned.

"While online banking security is a general concern among most SMBs, most of them have little knowledge about the specific threats targeting organizations of their size," said Sean-Paul Correll, threat researcher at PandaLabs. "In addition, U.S. law puts the burden on business owners for keeping funds secure, rather than the banks. The majority of SMBs surveyed weren't aware of this fact, which means they are operating with a false sense of security."

Throughout 2009 and into 2010, mainstream publications such as USA Today and the Washington Post have reported extensively on the surge of targeted attacks against SMBs, where banking Trojans are used by cybercriminals to gain access to their highly attractive and often more vulnerable online bank accounts. These organizations, which range in size from 1 to 500 employees, typically have fewer in-house resources and budgets for IT security, placing them at greater risk of attack. Sophisticated banking Trojans such as URLZone enable cybercriminals to access the accounts, potentially resulting in a single SMB losing thousands, if not hundreds of thousands of dollars. Furthermore, destructive zombie armies, such as the Mariposa botnet that Panda recently helped shut down in an international coordinated effort with IT security firm Defence Intelligence, Spanish Guardia Civil and the FBI, continue to steal banking credentials at alarming rates.

Additional key findings from the study include:

  • 58 percent of respondents do not have insurance to protect their business from banking fraud or identity theft, or are unsure if they have any protections in place.
  • 64 percent of respondents have protective and/or procedural methods in place at their organizations to detect or prevent online banking fraud.
  • 15 percent of respondents have not updated security software on all systems where online transactions are conducted or are unsure of the status of their security software altogether.
  • To download the survey, visit http://www.pandasecurity.com/homeusers/downloads/white-papers/.

Featured

  • AI to Help Resolve Non-Emergency Calls Across Utah and Decrease 911 Caller Wait Times

    The Utah Communications Authority (UCA), which oversees the state’s next generation 911 technology services, recently announced that public safety answering points (PSAPs) throughout the state plan to implement Motorola Solutions’ Virtual Response technology to automate the receipt and resolution of 10-digit non-emergency line calls in Utah with the help of AI. Read Now

  • Report: 2025 Video Surveillance Market Set to Grow After Small Decline in 2024

    Novaira Insights has unveiled its latest report, “World Market for Video Surveillance Hardware and Software – 2025 Edition.” The research indicates that the global market for video surveillance hardware and software experienced a slight decline of 0.3% in 2024. This performance fell short of previous forecasts, primarily due to a significant decrease of 7.8% in the Chinese market. Conversely, the rest of the world saw a growth of 4.9%. The global market for video surveillance equipment was estimated to be worth $25.0 billion in 2024. Read Now

  • Report Reveals Local Governments Face Surge in Ransomware Attacks with Minimal Resources

    KnowBe4, the cybersecurity platform that comprehensively addresses human risk management, recently released new research highlighting the critical cybersecurity challenges facing state, local, tribal, and territorial (SLTT) governments. The report details how government organizations have become prime targets for cybercriminals while simultaneously facing severe resource constraints. Read Now

  • Video Surveillance Trends to Watch

    With more organizations adding newer capabilities to their surveillance systems, it’s always important to remember the “basics” of system configuration and deployment, as well as the topline benefits of continually emerging technologies like AI and the cloud. Read Now

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

New Products

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.