0:02

Hello and welcome back to

0:04

Business by the Books, the podcast that helps

0:06

you understand your numbers and make smarter

0:09

financial decisions. I'm Danielle Hayden, CPA

0:11

and founder of Kickstart Accounting, Inc.

0:13

and your host. Today

0:16

we're going to be talking about something critical for every

0:18

single business, and that's cybersecurity.

0:21

As business owners, you know, we are

0:24

laser focused on growth,

0:27

profitability, strategy.

0:29

We are visionaries, and it's hard

0:31

to think about what will happen

0:33

when there's cyber threats that put

0:36

everything that we've built at risk.

0:39

You guys, a single phishing email,

0:42

password breach, or scam

0:44

could mean lost revenue, stolen data,

0:47

and most importantly, major, major headaches.

0:50

And let's be real, none of us really have time

0:53

for any of that. So today, I want to break down

0:56

the biggest cybersecurity threats

0:59

facing small business owners and the simple steps

1:02

you can take to protect your business

1:05

and your finances. Now, let's start with

1:07

some of the biggest scams that we're seeing

1:09

that target small business owners.

1:12

We have the common text message scams.

1:15

These are total scams.

1:17

So if you've ever heard or received a text message

1:20

saying you have an unpaid toll, click here

1:23

to pay now to avoid penalties,

1:26

stop! Don't click.

1:28

This scam is designed to steal

1:31

your payment information. So if you're unsure,

1:34

go directly to your toll provider

1:36

or the traditional snail mail

1:39

that you've received to check your account.

1:42

This can also happen with shipping.

1:45

So there are text messages

1:47

that say that your package

1:49

has been rerouted, or there is a

1:52

payment problem with your package

1:54

and to update the payment information. So watch for

1:58

the text message scams.

2:00

Do not click on the link. Do not reply.

2:03

Go and log in to that

2:05

provider's website. Then we have

2:08

the email scams, you guys. These phishing

2:11

scams have gotten good

2:13

over the years. These cybercriminals,

2:16

they are getting more and more sophisticated

2:18

with their emails. So some of the common traps

2:21

that we see are fake DocuSign requests.

2:24

I get this one, I want to say,

2:26

almost every single week, where they are

2:29

trying to send me a fake DocuSign request.

2:33

So before clicking on anything,

2:35

the key here, you guys, is do not

2:38

click on anything. Always verify

2:40

who sent the document before signing.

2:43

If you weren't expecting anything,

2:46

don't click on it or give that person

2:49

a call or shoot them an email

2:51

separately to verify if they

2:53

sent you something before clicking on the link.

2:56

Another oldie but goodie is the gift card request.

2:58

So if someone on your team

3:00

or a client or vendor is asking you to buy

3:04

gift cards, you can always assume

3:07

that this is a scam. So gift cards

3:10

or any type of prepaid card,

3:12

we can always assume that those

3:14

requests are fake. Then we have our wire

3:17

transfer request. Double-check

3:19

with a phone call before sending money

3:21

to literally anyone.

3:24

You know, these phishing emails

3:26

are requesting that you send

3:29

wire transfers, Zelle

3:31

transfers, Cash App requests,

3:33

and you can usually see

3:35

somewhere in the email was something

3:38

generic like “Dear Customer,” or

3:41

you can tell by the tone of the request

3:44

that it's urgent and they're really

3:46

pressuring you to act fast.

3:48

So whenever you receive

3:50

any type of request for money,

3:53

pick up the phone, call the individual

3:56

before sending any money to anyone.

3:59

Look for those generic

4:01

greetings or grammar errors

4:04

in that email. You'll be able to tell

4:07

when you really read through it

4:09

that this email was fake.

4:11

You can also hover over the link

4:14

before clicking it, and if the URL

4:16

looks odd, don't click it.

4:18

This is a big theme here in terms of the email

4:22

scams, the phishing emails,

4:24

is do not click on anything

4:27

that doesn't look or feel right.

4:30

If you were not expecting a link from that individual,

4:33

do not click on it. Shoot them an email,

4:36

text message or phone call. Double-check

4:39

that this is a real request before

4:42

clicking on any links.

4:44

What do we do to keep ourselves safe?

4:47

Passwords are going to be your first

4:49

line of defense. We need to use

4:51

unique passwords for each account.

4:54

Do not repeat them.

4:56

Make sure that they are strong with a mix of upper

4:59

lowercase numbers and symbols.

5:01

You can use a password manager.

5:04

And always, always, always enable

5:07

the two-step authentication. This adds

5:09

an extra layer of security by requiring

5:12

a one-time code that is sent

5:14

to your phone. Now, it is really hard

5:16

for me to tell you to always

5:19

enable your two-step authentication,

5:21

because needing codes is our number one

5:24

barrier to receiving our client statements

5:27

here at Kickstart Accounting.

5:29

I know how annoying it is

5:32

to receive these codes and have to

5:35

deal with the code, but they are here

5:38

to protect you. We need to have

5:40

these codes. As a Kickstart

5:42

Accounting, Inc. client, and this is really if you're working

5:45

with any bookkeeping firm, we will never call you

5:48

for a QuickBooks code.

5:51

If you are receiving a phone call

5:54

for QuickBooks code, please

5:56

do not give it to them. If somebody calls you,

5:59

hang up and call the number that you have

6:02

for your Kickstart Accounting team member

6:05

or send us a message through Financial Cents.

6:08

Every single one of our clients has been set up

6:10

within Financial Cents. It is a secure portal.

6:14

You guys, the reason that we use Financial Cents

6:17

is to focus on security,

6:21

so you can send us a message in the portal

6:23

to ensure that you are communicating

6:26

with a Kickstart Accounting, Inc. employee.

6:29

We will not call you for those QuickBooks

6:32

codes. Please make sure

6:34

that you're communicating through Financial Cents

6:36

if you are not sure if it is a Kickstart

6:39

Accounting, Inc. employee. Remember to keep your business

6:42

data safe. We have heard of clients

6:45

who have fallen a victim of having

6:48

their entire computer

6:50

actually held at ransom.

6:52

So use Google Drive

6:54

or Microsoft OneDrive

6:56

to store all your important documents

6:59

securely so that if somebody does

7:01

hold your computer ransom,

7:03

that you have all of your important documents

7:06

and pictures already saved in Google

7:09

Drive or Microsoft OneDrive

7:11

so that you can go restore all of those documents.

7:15

Set up your automatic backups

7:17

so that you'll never lose that valuable data.

7:20

So if a cyber attack happens,

7:22

you will always know that you can recover

7:25

your own information through OneDrive

7:27

or through Google.

7:30

Most importantly, again, think before you click.

7:33

Your computer won't be held at ransom

7:35

if you don't click on the links

7:38

that feel off. You know,

7:40

guys, this is going to sound like the most simple advice

7:43

here. My father has been telling me since I was

7:45

a little girl to slow down,

7:49

and I know as business owners

7:51

we are going a million miles a minute.

7:54

We have a lot of responsibility. Clients calling,

7:57

team members calling off, deadlines, taxes,

8:01

and we have all of these

8:03

different responsibilities pulling our attention.

8:06

I want to encourage you to take a breath,

8:09

slow down and verify

8:12

before clicking anything.

8:14

Do not click anything

8:17

that feels off.

8:19

Trust your gut. If you get any

8:22

suspicious requests, right? If a text or an email

8:25

feels suspicious, do not click call

8:29

and verify the request

8:31

to the sender directly

8:33

and then report the scam. Remember,

8:35

the cybercriminals, they want you to act

8:38

fast, right? When you're acting fast,

8:41

you're overlooking their errors.

8:44

You're overlooking that the email doesn't

8:47

look grammatically correct or that

8:49

the time of day feels off.

8:52

Take that time to really think about,

8:55

you know, who am I sharing this code with?

8:58

Why would they need it? What time of day

9:01

are they calling? And it is always

9:03

okay to say no

9:05

and then read. Communicate

9:08

to your bookkeeper, to your tax team,

9:11

or to the individual who's making that request

9:14

through the means of communication

9:17

that feel secure to you.

9:19

So quick recap: Be cautious with emails

9:22

and texts. Don't click any links

9:25

and do not share any personal

9:27

information. Use strong, unique

9:31

passwords. Never reuse them.

9:34

Turn on the two-step authentication

9:36

for extra protection wherever you

9:38

possibly can. Backup all of your files

9:42

to Google Drive or Microsoft OneDrive.

9:45

Take your time and verify

9:47

before acting. Scammers

9:50

want you to rush.

9:52

By taking these steps, you guys, we can protect

9:55

our businesses. We can protect

9:58

our families. We can protect our hard

10:01

earned money. Remember, this cybersecurity thing?

10:04

This isn't just for big companies.

10:07

They are attacking us,

10:09

these small business owners.

10:11

And you work too hard

10:14

to grow your business,

10:16

to bring in cash and we need to keep

10:19

your business safe from cyber threats.

10:22

So from today's episode, I want you

10:24

to be on alert.

10:26

Take action. And remember,

10:28

if you're sharing information with Kickstart

10:31

Accounting, we will always request

10:33

that information through Financial Cents

10:36

or from Kickstart Accounting

10:38

software and tools.

10:40

If it ever feels uncomfortable,

10:43

do not share. As always,

10:46

we'd love to hear from you. You can connect

10:48

with us on Instagram over @KickstartAccounting

10:51

All right you guys, until next week.

10:54

I hope you enjoyed today's episode

10:56

of Business by the Books. Don't forget to hit

10:58

like and subscribe! This is the number

11:01

one way we can help other entrepreneurs

11:03

find this podcast, because here at Kickstart

11:06

Accounting, Inc., it is our mission

11:08

to help entrepreneurs understand

11:10

their numbers, get access to this information,

11:13

and grow and thrive in their business.

11:15

So please help me, help other

11:18

entrepreneurs understand their numbers

11:20

so they can finally