Phish & Tell
Posts
PHISH & TELL 013

PHISH & TELL 013

The Cybersecurity Brief for Women Who Mean Business

Alexia Idoura
July 18, 2025

👋 WELCOME to Phish & Tell™️, from Security Done Easy™️

You’re not just building a business.
You’re building something worth protecting.

🎣 TOP CYBERSECURITY NEWS STORIES OF THE WEEK

Lucky issue #13! Here are the top stories of the week.

Ransomware Surges in H1 2025
📖 Source: IT Pro – “The ransomware boom shows no signs of letting up…”
In the first half of 2025, reported ransomware attacks jumped 49% to 4,198 cases, with U.S. SMBs—especially manufacturing, construction, and IT firms—hit hardest. Ransomware as a Service (RaaS), remote work weaknesses, and economic pressures are driving the rise.
✅ Why it matters: SMBs with 51–200 employees and ~$5–25 m revenue are prime targets.
👉 What to do: Train your teams, have everyone use multifactor authentication, set up endpoint protection (antivirus scanning, for example), patch your systems and apps, and set up dark-web monitoring.
SMBs Boost Cyber & AI Adoption
📖 Source: Verizon via Lifewire – “Verizon Survey: Small Businesses Are Going All‑In on Tech”
Verizon reports 38% of SMBs now use AI for business tasks, and nearly half upgraded cybersecurity platforms in the past year.
✅ Why it matters: Tech-savvy SMBs are proactively balancing digital growth with cyber protection.
👉 What to do: Consider some of the more affordable AI-enhanced cybersecurity options and make sure your AI usage is set up securely.
Zip Security Nets $13.5M to Serve SMEs
📖 Source: Axios – “Zip raises $13.5 million for SME cybersecurity”
Startup Zip Security raised Series A funding to automate affordable cybersecurity for small/mid-size businesses, citing real hacks like the solar installer’s compromise.
✅ Why it matters: More specialized vendors are entering the SME space.
👉 What to do: Explore tailored, automated cybersecurity services that fit small‑biz budgets.
Managed Service Providers (MSPs) Now Crucial for Mid-Sized Firms
📖 Source: IT Pro – “MSPs emerge as key security partners for mid-market”
85% of firms with 1,000–2,000 employees now rely on MSPs for security services; 24/7 coverage and tool management are top needs.
✅ Why it matters: Even larger SMBs are outsourcing complex cybersecurity tasks.
👉 What to do: If managed services are on your roadmap, prioritize reliability, scalability, and SLAs. Note that specialized Managed Security Service Provider (MSSP) services are available and affordable for small businesses — $20 per account per month to protect your business? Can’t beat that. See below.
EU Cyber Resilience Act Set in Motion
📖 Source: Wikipedia – “Cyber Resilience Act”
The European Cyber Resilience Act mandates automatic updates, incident reporting, and minimum cybersecurity requirements for digital products (in this case referring to apps, SaaS platforms, some hardware — basically anything that could connect to a network or another device), from the design stage on.
✅ Why it matters: U.S.-based vendors selling into the EU must adapt or face fines.
👉 What to do: It applies to all SMBs who sell to anyone in the EU, even solopreneurs. (There are some scaled requirements for microenterprises—fewer than 10 employees and <€2 million in revenue—but compliance is still required.) Review your security practices (design, development, update process), create/update documentation for security support and disclosures, and ensure vulnerability reporting is enabled. If you have questions, check with a lawyer familiar with security and privacy laws in the EU.

Not sure what applies to your business or what your options are? Let’s talk.

🔍 In Case You Missed It (ICYMI)

Last week’s Security Done Easy blog post: Navigating Cybersecurity Grants for Small Businesses »
We have a new free 3-page PDF resource: How to Identify and Avoid Scams: A Simple Guide »
Follow us on Facebook or Instagram.

🤖 The LOL-gorithm

🧷 THE SAFETY SNAP

Fake Delivery Texts Are Exploding 📦📲

“Your package is on the way! Track it here…” Sound familiar? Scammers are flooding phones with fake delivery texts, often impersonating USPS, UPS, or Amazon. These texts often contain malicious links that install spyware or steal login credentials.

📈 The FTC reports thousands of phishing complaints tied to package scams—especially during busy shopping seasons.

🚫 Don’t click links in unsolicited texts. Instead:

Go directly to the delivery carrier’s website or app.
Verify tracking numbers manually.
Report spam to 7726 (SPAM) on your phone.

🔐 Tip: Use multi-factor authentication (MFA) so stolen passwords can’t be used alone.

🔗 More info: consumer.ftc.gov

💬 A PERSONAL NOTE

This week felt refreshingly… manageable. Less stress, more ease.

Taking my youngest to a week-long day camp, I had rare quiet moments during drop-offs and pick-ups to catch up on my favorite podcasts. I even carved out time for actual self-care during the week: grocery delivery (bless it) instead of another errand to run, sleep, binging a show with another kid while I worked, and some quality time with my grand-kitten, who’s currently living his best life as a spoiled house guest.

There was work, of course—but it flowed better. I’m reminded how good it feels when we build in space to breathe.

👂 TELL ME

Are you finding this newsletter helpful? Do you have questions or topics you’d like me to cover? Let me know :-) [email protected]

You’re subscribed to Phish & Tell™️ because your business is worth protecting.

🩷