Malware and Phishing: Why Small Businesses Should Care

Businesses have always faced a myriad of challenges, but technology has brought some surprising new ones into our lives, especially with the digital transformation we’ve all experienced the past two years. One is malware. Between 2019 and 2020, malicious attacks increased 158% in North America alone. Headlines from 2021 have included major corporations and institutions that have been targets, such as Microsoft and the Colonial Pipeline. The consequences of these cyberattacks have been severe – from massive data breaches to the extortion of millions of dollars.

Even though the government and big business are the most publicized targets of malicious software, otherwise known as malware, nearly 50% of attacks have been aimed at small businesses. When extortion was the goal in these cases, the median amount of payouts to cybercriminals was nearly $22,000. Unfortunately, with all that small businesses have to manage, a lot of owners don’t pay a great deal of attention to cybersecurity. And even if they do, it’s not an area they really want to invest in, whether it’s their time or their money. 

However, cybersecurity quickly becomes a priority as soon as a business experiences an attack. But by then it may be too late. 60% of small and medium-sized businesses are likely to shut down within six months of a cyberattack.

Nearly 50% of cyberattacks are aimed at small business

We sometimes forget that scammers and hackers target individuals all the time. They’re successful because so many of us share the same mindset – no one thinks it will happen to them. In order to empower you to better protect your business, let’s take a closer look at a few of the threats you may face.


Malware is designed to do damage to a computer or computer network. The term has replaced “virus” to act as a better descriptor and umbrella for a range of cyberattacks that include:

  • Trojans (aka Trojan Horses) – Trojans look like legitimate software you’re asked to download, but in reality its harmful code allows criminals to take control of your computer
  • Spyware – Spyware invades your computer and steals personal information or company credentials, such as your credit card and banking information, web browsing history, and passwords
  • Worms – Worms enter one computer and then spread copies of itself to infect all the computers in your company’s network
  • Ransomware – Ransomware encrypts the files on your computer or company’s computer system, and then blocks access until a financial ransom is paid to the hackers 

According to a 2021 report from Verizon, ransomware accounts for 10% of data breaches in the United States. The payouts have been enormous. The Colonial Pipeline, the source of 45% of fuel consumed on the East Coast, was the target of a cyberattack in May last year. They paid $4.4 million within hours of the attack in order to regain access to their network. The computer hardware corporation Acer ended up paying even more – $50 million – when they were attacked two months earlier in March. 


It’s important to note that 92% of all malware is delivered by email. This is known as phishing.

Criminals will create communications that look like they’re coming from a company you trust, whether it’s retail stores or banks or government institutions. The messages will be branded to look just like the types of alerts you’ve come to expect, and then scare you into opening attachments or clicking buttons that are linked to websites. This will infect your computer with some kind of malware, such as the ones mentioned above.

In addition, phishing is also used to get personal information or company credentials directly from you. Everyone should be wary of any message that asks for the following:

  • Date of birth
  • Social security numbers
  • Credit card details
  • Banking information
  • Passwords

The reason that most malware is sent by email is the sheer success of these nefarious campaigns. Nearly 30% of the targets of email phishing open the messages from the cybercriminals, and then 11% of those people click on the malicious link or open the corrupt attachment. 

Protect Yourself and Your Business

There are several easy ways to protect both you and your business. It may seem like common sense, but do not respond if any email asks you for sensitive personal or company information. Additionally, if an email or text seems like an alert about one of your accounts, do not click on any button, link, or attachment within it. Instead use your own web browser to go directly to the organization’s website. If there are really any alerts on your account, you will find it there. More often than not, nothing will be wrong with your account.

One of the best ways to protect your business is by using Meraki Go. Our Router Firewall offers layers of protection, including built-in security to prevent cyberthreats as well as automatic firmware and security updates to give you ongoing peace of mind. We also offer even greater protection with our Cisco Umbrella add-on. This provides an added defense against phishing and malware. It also allows you to see when your Meraki Go blocks security threats and you will receive alerts whenever any suspicious devices use your business’ WiFi.

We believe that small business owners are superheroes and we want to add to your powers. Security is of the highest importance to us at Meraki Go. Let us help protect you and your customers so you can focus on everything else that makes your business a success. 

Visit the Meraki Go site to learn more about our intuitive and innovative solutions that support small businesses.


Federal Trade Commission
PBS News Hour (2021)
Verizon Data Breach Investigations Report (2021)