The True Cost of Cybercrime in the US

Blog Understanding Cybersecurity

Cybercrime is on the rise in the United States, and accountants are on the frontline when it comes to being targeted by cybercriminals.  

Across the entire of United States, cybercrime last year cost American’s an estimated $320 billion dollars 

The thought on many accountants’ mind is they are too busy and don’t have time to really focus on cybersecurity above the bare minimum. Afterall, you have clients to manage, filing to make, books to close, and other more pressing work to do. But did you know in the USA accounting firms and other financial institutions are the 5th most targeted industry when it comes to cyberattacks?  

What is cybercrime? 

Put simply, cybercrime or cyberattacks are an attempt by cybercriminals or hackers to access your computer to access, alter, steal, destroy or expose information. When people think cyberattacks, they often think of someone in a dark room sitting behind a screen attempting to hack into your systems. But, really the most common types of cyberattacks come from criminals who are attempting to trick you, or your staff, into giving access willingly. That is why training your staff on cybersecurity is key, but it is not the only thing you need to protect your sensitive data.  

What are the most common types of cybercrime? 

When it comes to cybercrime most people are in the dark about just how insidious and far reaching it is. Most people are aware of some different types of cyberattacks, but below are the most common types of attacks we see at Practice Protect.   

  • Business Email Compromise: often referred to as BEC, a common scam which costs the US $50 billion a year. This is a type of cybercrime where the scammer uses email to trick you into sending money or sharing confidential information such as passwords or login details. Often the criminal will pose as someone you know and trust within your organization.  
  • Phishing: perhaps the most famous cyberattack, phishing is when the criminal uses email, SMS, phone or social media to get you to share sensitive information or to download malicious software. On average, Practice Protect stops at least 255,000+ of these attacks a month.   
  • Ransomware attacks: often the result of a successful phishing attack and the second most famous type of cybercrime, malware, or ransomware, is where a malicious program is downloaded into your systems and denies access to files and information until a payment is made. Malware can also be installed not for ransom but to destroy or harm the computer, network or server to access passwords. In the US alone, this crime cost over $1 billion last year in ransoms paid.  
  • Insider threats: the attack you hope will never happen. Insider threats are when an employee or partner you trust actively sabotages your business. By using access, they already have to your systems they either sell access to others or use this access to embezzle funds from you or your clients.  
  • Man-in-the-Middle attacks: usually known as a MITM attack this is a more sophisticated threat. This attack is where the malicious actor tries to inject themselves into the “conversation” your computer is having when trying to login to a program or network. They are trying to gain access to passwords or banking details. They may also redirect your browser to a convincing looking login page prompting you to change login details or complete a transaction on the fake page.  

Does cybercrime really impact accountants?  

You may be thinking, that is all well and good, but I am just a small accounting firm, why would anyone really want to attack me? It is a fact 43% of cyberattacks target small businesses in the United States.  

Accountants may be most at risk of the attacks which focus on trying to access passwords and other sensitive data. Afterall, as accounting professionals your clients have entrusted their financial data to you, and that can include banking details, social security numbers and other sensitive information. If a criminal can use your firm as an intermediary, they can access your client’s systems.  

In fact, many USA CPA societies are warning of the increased attacks on accounting firms. You can no longer remain complacent, particularly with the FTC putting regulations in place that accounting firms must follow to protect their clients’ data.  

How do accountants protect themselves from cybercrime?  

Accountants can bolster their defenses against cybercrime by leveraging Practice Protect, a dedicated security platform designed for accounting firms.  

Practice Protect focuses on strict access controls, ensuring that only authorized personnel can access sensitive client data. We also offer comprehensive training for staff, educating them on the latest cyber threats and how to recognize phishing attempts or malicious software.  

If you want to ensure your firm is protected against cyberthreats, Practice Protect can help. Book a complimentary Security Consultation today 

 
Read more

Remote Work and Cybersecurity – Key Things for Accountants to Know

It's impossible to be in accounting and not know of the major talent shortage facing firms. Discover how remote work and cybersecurity go hand in hand. Read more

Cybersecurity Training for Accountants: Best Practices and Top Solutions

In the intricate world of numbers and financial data, this guide emphasizes the indispensable nature of cybersecurity training for accountants, unveiling industry-specific best practices and highlighting Practice Protect as the go-to cybersecurity shield. Read more