As such, cybercriminals have sensed an opportunity and not only are they stealing sensitive data from SMEs that do not protect themselves effectively, they are also relying on unrestricted SME websites to advertise their illegal services.
And this goes beyond open forums, as many small business owners that operate market places or open ecommerce sites are unaware that these illegal services are being sold and traded directly from their legitimate website.
This solves the problem of customer awareness for cybercrime traders, as a quick Google search of the relevant illegal services will take them straight to a post on the small business website. However this is obviously bad news for small business owners. While they believe they are running an honest online business, unbeknownst to them, they are facilitating an underground side-operation from their own company.
Genuine potential customers will be unaware that these posts are not supported by the website owners themselves and, after stumbling across these illicit adverts, are likely to lose trust in the company and take their custom elsewhere.
Black market, big money
Not only can such schemes lose SMEs money, but while small business owners are struggling to deal with the costs of running a legitimate business, cybercriminals are making a lucrative trade off the back off them – and in many cases making more money than the SMEs themselves.
The whitepaper uncovered a number of well-paid deals, such as the sale of email addresses for whole regions for as much as £570, while crimeware-as-a-service tools can be rented out for $150 a day and credit card details with a good balance can be sold at £65 a card. But it is vulnerabilities that can rake in the real money for these underground tradesmen and an Apple iOS exploit was recently sold for over £160,000.
Gaining customer loyalty and competing with well-known trusted brands when running a business online is a challenge in itself for small business owners, so it is essential that they don’t get a reputation as a cybercrime facilitator. As such, it is important for small business owners to invest in the right level of protection so that it is not their own customers’ details that are traded online. Moreover SMEs need to make a habit of regularly checking their open forums and comment sections for these dodgy deals.
Cybercrime businesses feed off the vulnerability of others, so creating an atmosphere of alertness and security in the workplace will help to defeat them and their criminal-minded customers.