Phishing, P2P, Drive-Bys Top SMB Security Risk List

File sharing, drive-by downloads, social nets, phishing, malicious attachments -- according to a new report, these are the leading approaches for criminals targeting small and midsized businesses.While many small and midsized businesses are (rightly) increasingly alert to insider risks, that's no reason to relax at all when it comes to threats from beyond the firewall.

That's one of the key points in a new Dark Reading report, SMBs in the Crosshairs.

And the crooks' crosshairs really are increasingly trained on your business, according to the report's author, Randy George, "small businesses in particular are a filet mignon for hacks and digital criminals."

The reasons? Too little money, time, expertise, awareness, too much over-confidence... all of which make SMBs all too easy prey for:

Malware Laden File-shares: If you're letting your employees run unfettered P2P programs, stop.

Drive-by Downloads: Unpatched and older browsers need to be replaced/updated before anything else.

PDFs With Payloads: Adobe's vulnerabilities catalog continues to grow, and some of that growth is taking advantage of SMBs increasing use (like everybody else) of PDF files.

Phishing: The one that won't go away, and continues to grow as phishers rebuild and replace networks. If you haven't had the "immediately delete unfamiliar e-mails unopened" talk with your employees lately, have it now.

Social Networking: The risks of social nets are growing as fast or faster than the networks' popularity, to the point where one-third of SMBs have already encountered social network-borne malware; put a thorough (and tough) social networking policy in place, enforce it, and then reinforce it constantly.

The complete Dark Reading report SMBs in the Crosshairs: Understanding he Threats, Defending the Business can be downloaded here (registration required).