Phishing attacks - an attack that never seems to drop off in popularity because, frankly, it works. These days phishing has gone from an opportunist crime to a highly-targeted form of social engineering which exploits the reliance of small firms on email communications. These can impersonate known contacts, often financially related, quite convincingly.
Invoice fraud - now the most popular SME cybercrime, criminals impersonate real invoices using methods that are sometimes crude but also sometimes highly sophisticated. There are numerous forms of this type of fraud which makes generalising about it very difficult. All require money to be transferred or redirected into bank accounts which can appear to be from known suppliers of clients. The invoice fraud scam raises a major weakness with today's banking security - there is almost no guaranteed authentication that can reliably tell a real invoice from a fake one.
Data breaches - just as much a threat to SMEs as any other size of firm. But for an SME that has its date stolen the cost will be proportionately higher in terms of clean-up and possible fines by bodies such as the ICO. In 2015, PwC pus this at between £75,000 and £310,000 for larger SMEs.
Sign up for CIO Asia eNewsletters.