Small Businesses Targeted By Surge in AI-Powered Scams
A recent Nationwide survey reveals that one in four small business owners were targeted by artificial intelligence-powered scams in the past year, highlighting the growing threat of sophisticated cyberattacks and the urgent need for improved defenses in the digital age.
As the rapid advancement of generative AI technology opens new avenues for sophisticated cyberattacks, small businesses are grappling with the daunting challenge of fortifying their defenses against an ever-evolving threat landscape. The Nationwide survey found that most of the reported attacks involving attempted fraud using email, voice, or even video impersonations of other business owners or senior-level employees.
The sophisticated nature of these scams has left many small business owners struggling to tell fact from fiction. Over half (52%) admit to being personally fooled by a deepfake image or video in the past year. A staggering 9 in 10 say that GenAI scams are becoming increasingly advanced, making them harder to detect and prevent.
“As GenAI continues to transform various industries, its misuse in scams presents a significant challenge for small businesses with fewer resources for cyber defense than larger corporations, making them easier targets for cybercriminals,” said Nathan Lentz, vice president of Small Commercial Sales and Distribution for Nationwide. Smaller enterprises often lack the robust cybersecurity measures and dedicated IT staff that help larger companies ward off cyber threats, leaving them more vulnerable to attack.
Small Businesses Enhancing Cybersecurity But Still Vulnerable
Small business owners are increasingly concerned about the threat of cyberattacks, with 69% now worried about potential incidents that could grind their operations to a halt, which is a significant 16 point jump from just last year and a 31 point increase since June 2020.
Fortunately, many are taking proactive steps to bolster their cyber defenses, Nationwide’s survey found. Two-thirds, or 65%, of small business owners feel prepared to prevent an attack, a confidence likely stemming from enhanced employee training initiatives. Also, 71% now provide formal cybersecurity training to their staff at least annually, while 36% regularly send phishing test emails to keep workers vigilant.
However, Nationwide noted that many owners are still vastly underestimating the potential damage from a cyber incident. A full 81% believe an attack would cost under $5,000 in recovery, when in reality the average cyber insurance claim for a small business ranges from $18,000 to $21,000. There are also misconceptions about recovery time, with 22% thinking they could be back up and running within a month. Actual data shows the average time to recover is a much lengthier 75 days, the report stated.
While two-thirds of small business owners are confident in their ability to recover from a cyberattack, only 42% report having purchased cyber insurance coverage, which can be a critical backstop in the event of a malicious breach.
According to Nationwide’s survey, most small business owners either expect their non-cyber insurance policies to cover losses from a cyberattack or simply haven’t taken the time to think about what they would do post-attack. And while 69% say they have an incident response plan in place, over a quarter (28%) admit that their plan is outdated.
“The time for business owners to figure out how to navigate a data breach is not during the incident — that could be an expensive and potentially business-threatening lesson for owners to learn,” said Lentz.
View the full report here. &