Cyberthreats on Social Media: The Rising Risk to Small Businesses

Reading Time: ( Word Count: )

August 15, 2023

The rising reliance on social media platforms like Facebook, Instagram, and others for business promotion and sales is evident. Yet, this digital evolution comes with a hefty downside for small business entrepreneurs: heightened cybersecurity risks.

Let me share the story of Pat Bennett, a Cleveland-based entrepreneur. Bennett had built a significant portion of her granola business on Instagram. Yet, as she navigated the dual pressures of rising ingredient costs, her business took another hit. Through what seemed like an innocent interaction with a known contact on Instagram Messenger, Bennett was lured into a scam. This resulted in the loss of access to her business accounts on Meta’s platforms. The scam’s origins are traced back to Europe, but the damage was done. The cybercriminals demanded nearly $10,000 to restore her account access. Pat, however, refused.

Sadly, this is far from an isolated incident. 

Recent surveys by CNBC indicate that while many small business owners underestimate the risk of cyberattacks, the FBI paints a different picture. In 2021, their Internet Crime Complaint Center logged over 800,000 cyber-related complaints, with losses nearing $7 billion. The primary victims? Small businesses.

Also Read: Emerging AI Tools Raising Cybersecurity Concerns

Cyberthreats on Social Media FI

Despite these alarming trends, many small business owners feel platforms like Meta aren’t doing enough. Although Meta does emphasize its ongoing efforts to counter malicious activities and malware threats, the growing number of incidents tells another story.

As small businesses leverage platforms like Instagram and Facebook for marketing and growth, cybercriminals see opportunity. 

While the digital threat landscape might seem daunting, experts argue that the key defense measures are relatively straightforward. Most business owners fail to utilize in-built security measures on these platforms, such as two-factor authentication. Implementing strong password practices, favoring length over intricacy, and using business-specific password management tools can also make a huge difference.

Yet, the broader digital space remains, for the most part, a wild west. Tech behemoths’ lax security practices haven’t gone unnoticed by the U.S. government’s main cybersecurity body, the Cybersecurity and Infrastructure Security Agency (CISA). CISA’s leadership urges these giants to prioritize security in their products, advocating for inbuilt safety measures. However, tangible support for small businesses remains scarce, as the agency doesn’t regulate small business-specific software.

Saher Mahmood

Saher Mahmood


Saher is a cybersecurity researcher with a passion for innovative technology and AI. She explores the intersection of AI and cybersecurity to stay ahead of evolving threats.

Other interesting articles

Automated vs Manual Penetration Testing

Automated vs Manual Penetration Testing

Pentesting is largely divided into two methodologies: Automated vs Manual Penetration Testing. Both have ...
8 Steps in Penetration Testing You Should Know

8 Steps in Penetration Testing You Should Know

Mastering the art of penetration testing has become a critical ability for security experts to combat cyber ...
Spear Phishing vs Whaling: What is the Difference

Spear Phishing vs Whaling: What is the Difference

Spear phishing is a particularly devious type of phishing assault in which the individual targeted plays a ...
How Often Should Penetration Testing Be Done

How Often Should Penetration Testing Be Done

Penetration testing is a crucial technique that involves simulating a cyberattack on networks, computer systems, ...

Submit a Comment

Your email address will not be published. Required fields are marked *