PHISH & TELL 003

The Cybersecurity Brief for Women Who Mean Business

Author

Alexia Idoura
April 18, 2025

👋 WELCOME to Phish & Tell™️

Each week, I’ll send you a no-fluff email that helps you:

  • 💻 Protect your business from digital scams & hacks

  • 👩🏾‍💻 Learn cyber safety without needing to “speak tech”

  • 🔐 Feel confident knowing you’re locked down tight

You’re not just building a business.
You’re building something worth protecting.
Let’s make sure no one gets to mess with it.

(Ran a little late this week — had pink eye in both eyes this week — ugh! 😑)

🎣 PHISH ALERT: TOP 5 CYBERSECURITY THREATS OF THE WEEK

Small businesses in the U.S. are contending with several pressing cybersecurity challenges. Here are the top five:​

  1. The “Vulnerability Warning System” Almost Got Shut Down

    The system that alerts businesses about new software problems (called the Common Vulnerability and Exposure — aka CVE — program) almost lost funding this week. Thankfully, they got a last-minute 11-month reprieve so they can figure out how to keep going without government funding.

    ✅ Why it matters: If this system ever stops, businesses could miss warnings about software holes that hackers can exploit.

    👉 What to do: Set software to update automatically. Consider using a managed security service provider to monitor your computers so no CVEs are missed. There are too many to monitor manually.

  2. Hackers Are Using AI to Make Their Attacks Smarter

    Cybercriminals are now using artificial intelligence (AI) to trick employees more effectively—especially through fake emails (phishing). These scams look more real than ever.

    ✅ Why it matters: Small businesses are easy targets, especially if employees click on these fake messages.

    👉 What to do: Train your team to spot suspicious emails and texts, and use email filters and security software.

  3. Microsoft Fixed a Huge List of Software Problems

    Microsoft released fixes for over 130 security issues in its software this week, including one that’s already being used by hackers. (I think I said 120 earlier this week — I stand corrected. 😬)

    ✅ Why it matters: If you’re using Windows, Microsoft Office, or any other Microsoft tools, your system could be at risk if you don’t update.

    👉 What to do: Install the latest updates right away. 👉Also, know that Windows 10 will stop getting free updates later this year (October 2025), so it’s time to plan an upgrade.👈

  4. Your Vendors Could Be Your Weakest Link

    Hackers aren’t just going after your business—they’re also targeting the companies you rely on, like your payroll, accounting, or tech support services.

    ✅ Why it matters: If your vendor gets hacked, your business could still be affected. Payroll hacked? Could be back to spreadsheets and paper checks for a while.

    👉 What to do: Ask your service providers what cybersecurity steps they’re taking, and choose trusted partners with good security practices.

  5. How Much of a Cyber Attack Could Shut Your Business Down?

    Forbes shared a VikingCloud report that stated that over half of small to medium sized businesses would close with a $50,000 impact, while nearly a third would even if the impact were less than $10,000. (Nearly three in four small and medium business owners either manage their own cybersecurity or rely on untrained family members or friends.)

    ✅ Why it matters: Even a single hack can do you in.

    👉 What to do: Create a basic cyber plan, train your staff, and think about cyber insurance to protect your business. Consider using a managed security service provider to monitor and manage your devices and help you if you are attacked.

🔍 In Case You Missed It (ICYMI)

🔐 LOCK IT DOWN

Enable Multi-Factor Authentication (MFA) on All Business Accounts

Why it matters:
MFA adds a second layer of security—like a code sent to your phone—so even if hackers get your password, they can’t get in.

What to do (in under 5 minutes):

  1. Go to your business email, bank, payroll, or software account settings.

  2. Look for “Security” or “Two-Factor Authentication”.

  3. Turn on MFA using a text message, email, or authenticator app.

✅ Bonus Tip: Start with your email account—it’s the key to everything else!
.

🤖 The LOL-gorithm

🧷 THE SAFETY SNAP

👩‍💻 Protect Your Digital Identity on Social Media

Why it matters:
Women are more frequently targeted by online harassment, impersonation scams, and social engineering attacks that start by gathering personal info from social media.

What to do: 🔒 Tighten your privacy settings on platforms like Instagram, Facebook, and LinkedIn.
🧠 Be mindful of what you share—avoid posting details like your home location, travel plans, or personal routines.
🎭 Use a different name or username for non-professional accounts to separate your public and private identities.
💬 Ignore and report DMs that feel suspicious or overly personal—especially those pretending to be from a business or bank.

 WORRIED ABOUT YOUR SOCIAL MEDIA ACCOUNTS?

👉 Grab the free Social Media Lockdown Guide.

Say goodbye to the fear of waking up to a compromised account. Learn how to protect your accounts from hijackers and scammers in five steps.

💬 IN YOUR CORNER

Worries? Questions? I’m in your corner. Let me know!

👋 DM me @securitydoneeasy with your Qs
🔐 Get on the waitlist: A 90-minute live experience for women leaders who want to be ready — not reactive — in a cybersecurity incident. Coming soon.
💌 Forward this to a biz bestie who needs to stay scam-proof, too!

👂 TELL ME

You’re subscribed to Phish & Tell™️ because your business is worth protecting.
Feel safe, stay savvy, and don’t click shady sh*t. ;-)

🩷