Hello and welcome to Think Cyber Secure! Firstly, I want to say thank you reading. I know how valuable your time is, so thank you for choosing to spend some if it with us.

Don’t want to read this post? Listen to the podcast instead:

When we talk to people about cybersecurity, the conversation immediately goes to the sophisticated cyber attacks that dominate the news. 

While these are indeed dangerous attacks, focusing on attacks like these takes focus away from the more common cyber attacks that a small business will likely see. 

There are many other simple and straightforward cyber attacks and cyber risks that are still the weakest links for most businesses. These more straightforward risks are what make up the 5 top cybersecurity risks.

We begin the top 5 cybersecurity risks with Ransomware.


Ransomware is a type of malware that encrypts your files and holds them hostage, until you pay a ransom in exchange for the decryption key. Ransomware attacks have been exploding in recent years, with a 130% increase in 2020 alone.

Phishing & Scams

Phishing is when someone sends you an email claiming to be from a legitimate person or organization. They intend to deceive you into giving up confidential information, unknowingly download malware, or perform a task beneficial to the sender, such as paying a fake invoice. 

With each passing year, it looks as if phishing emails and scams are becoming more sophisticated and harder to detect. They won’t just look like random social media alerts but look like plausible emails from local agencies, suppliers, or trusted partners.

Supply Chain Attacks

In other words, attacks via other companies. A supply chain attack is when cybercriminals attack a company in one area of the supply chain to use them to reach a company at a different supply chain level. 

An example of this is compromising a vendor that serves a large company of interest. Then using that vendor’s access and trust to either attack the large company via a trusted channel or have someone from the large company do something. 

That could be having the large company pay a fake invoice or change banking information for future invoice payments.

There is a good chance you’ve never heard of this type of attack; however, it’s gaining popularity fast. Attacks have grown 420% in only 12 months.

Credential Stuffing

Credential stuffing is a lot like it sounds. Cybercriminals obtain usernames and passwords (together called credentials) leaked due to data breaches. They then stuff them into the login forms of various popular websites and services. They’re banking on people using the same passwords over and over instead of using unique passwords.

Even though the success rate is low (0.02% – 1%), credential stuffing still costs businesses in the united states over $5 billion each year.

Human Error

The last one is Human Error. I know what you’re thinking: This would never happen! However, you’d be surprised. Verison found that in 2018, 22% of data breaches were caused by errors. It only takes one stolen USB drive, one misconfigured cloud service, or one spreadsheet accidentally emailed to the wrong person to have devastating consequences.

Is your business protected from these top 5 cybersecurity risks?

At Think Cyber Secure, we uncover the hidden gaps that cause cyber risk, and develop an action plan that will eliminate the stress and frustration resulting from cybersecurity.

If you’re interested in improving the cybersecurity of your business, then be sure to subscribe and follow along with us.

The goal of the blog and podcast is to help you, as a business owner, an entrepreneur, a freelancer or whatever you may be make your business more cyber secure with detailed tips and information each and every week.

To be sure you’re notified when we publish another post and to get access to other resources as well, subscribe to our mailing list

Statistic References:

  • Ransomware: https://www.beazley.com/Documents/2020/beazley-breach-briefing-2020.pdf
  • Credential Stuffing: https://www.comparitech.com/blog/information-security/credential-stuffing-attacks/
  • Supply Chain: https://www.comparitech.com/es/vpn/cybersecurity-cyber-crime-statistics-facts-trends/
  • Human Error: https://www.comparitech.com/es/vpn/cybersecurity-cyber-crime-statistics-facts-trends/