Fraud can impact any organization at any moment. It’s just a matter of time until the next breach occurs. Auto dealerships are prime targets. They collect more consumer information than ever before. In some cases, it’s even more than banks. That’s why the FTC Safeguards Rule requires dealerships to develop, implement and maintain a comprehensive security system to keep customer information safe. Having an information security program is no longer just needed for dealerships—it’s mandated.
The Results of Cyber Attacks on Dealerships
Cyber attacks cost small to mid-sized businesses more than just dollars. In fact, 60 percent of small companies that suffer a cyber breach go out of business within six months.
The Impact of Cyber Attacks on Dealerships
For auto dealerships, nearly 84 percent of consumers would not buy another car from a dealership that had a security breach.
Approximately 33 percent of consumers are not confident in the security of their personal and financial data when buying a vehicle at a dealership.
Areas of Vulnerability in Dealerships
Cybersecurity risks often happen in places where you wouldn’t think to look. Common areas include:
It takes about six minutes for a sophisticated hacker to break into a dealership’s Wi-Fi network. Why is this important? Dealerships often have open Wi-Fi networks to allow their customers to work while they wait. These networks are connected to their core networks, allowing data breaches to happen.
Email Attachments & Malware
Your users are your number one threat to security, either intentionally or accidentally. More than 80 percent of all attacks involve some form of social engineering attack method where users are tricked into allowing a hacker the means to compromise your system or identity.
A key issue falls in malware and malicious email attachments. Studies have shown that 49 percent of malware is installed via malicious email attachments. Many people think that when their machine is infected by a virus or malware, it’ll stop working. But most malware is designed to allow hackers remote access and control over a system.
Phishing emails are getting more sophisticated, but you want to look for who it’s from and make sure it’s legitimate. If there are any links, make sure they line up with what you’re expecting. If they don’t match, it’s highly suspicious.
Don’t be fooled by emails from people you know either. If it’s not something you’re expecting, or just looks odd, pick up the phone and call. Otherwise, completely ignore it.
A large threat to any organization is their internal users. This is escalated in the dealership world due to sheer volume of employees. From the sales floor to the shop, how do each of your employees interact with your systems and the risks they impose? Security awareness training should be given to people who are posing the greatest risk to the organization.
A common occurrence is wire fraud. The scammer will pretend to be an executive or executive assistant and ask for a wire transfer.
If you don’t have the proper controls in place, money can quickly leave your account and end up in the hacker’s bank account. Often, they won’t do it one time, rather, they’ll continue to do it repeatedly if you keep sending the money.
Our team of IT professionals has identified 12 questions to help gauge your current security risk areas and assess your overall IT health. Most importantly, the results will provide tips to help you make actionable improvements now.
From data backups to your administrative protocols and password protection processes, this IT quiz will give you some quick wins to take back to your organization. Know how your security stacks up while learning best practices for optimum network stability, disaster recovery, and IT health.