How to prevent the most common cybersecurity breaches

As a business owner (or an employee), it’s critical to use the right tools and best practices to ensure your company and client data remain safe.

  • In 2025, 43% of UK businesses reported experiencing a cybersecurity breach or attack in the past 12 months. That’s over 600,000 businesses.

  • Phishing remains the most common and disruptive threat, as cited by 85% of affected businesses.

  • The rise of remote work and the evolving threat landscape continue to challenge organisations, especially those without dedicated cybersecurity programmes.

Most of us are aware of the traditional types of invasive attacks, such as computer viruses and malware, but these are just two of many. Email phishing attacks, ransomware, crypto-jacking, data breaches, Denial of Service attacks, and web-based attacks globally cost businesses billions of pounds per year and are on the rise.

It is important to keep in mind that most attacks occur because of (unfortunate) user error or negligence, such as clicking a malicious URL, installing infected applications, or simply not paying attention. Educating staff will help improve overall security significantly, followed closely by appropriate security tools and services.

This month, we’ve put together a list of the most common types of cybersecurity breaches and provided standard mitigations to help prevent them and protect your users.

Email attacks

Generally referred to as whaling or phishing attacks, these target high-profile individuals in your business via regular email channels. The sending party, often a partner, client or customer, has been compromised, and the attacker uses their email account to masquerade as a trusted source in order to obtain information or to exploit you for financial benefit. The most common attacks attempt to convince people to pay invoices into a bank account connected with the hacker.

To prevent these kinds of attacks, make use of an Email Threat Protection tool. These tools sit in front of your corporate infrastructure, intercepting malicious content before it enters the corporate environment and allowing legitimate content to pass through seamlessly.

Example:

The CEO is away on business and is sporadically responding to emails. A staff member receives a very short email from them asking for an invoice to be paid ASAP. The email has the CEO’s standard signature and sentence structure, so it looks legitimate. The accountant, not wanting to get into trouble, processes the request, not realising the hacker has asked for new bank details to be used. Under the circumstances, it’s not immediately clear that the CEO’s email account has been compromised and that the attackers are capitalising on the CEO’s travel schedule to extract funds from the business.

Ransomware

Ransomware attacks target users’ computers directly, infecting and encrypting all files on a machine and spreading across the rest of the network within minutes. To decrypt the files, the attacker will demand a payment, often in cryptocurrency such as Bitcoin (making it untraceable), before they give you access to the files. The attacker will also take a copy of all documents they find and sell them on the black market (often regardless of whether you pay the ransom or not).

Ransomware is by far the most lethal of all attacks for Financial Services firms because it makes client data inaccessible, which can lead to severe financial penalties from regulators.

Make use of corporate antivirus and web filtering solutions to help prevent these types of attacks. Also, make sure that only approved software can be installed on company devices, as ‘free’ software online is a common vector for such attacks.

Be careful, however, not to be caught out by an email attack masquerading as a ransomware attack, i.e., you receive an email that says your data has been encrypted and demands payment, when in fact the sender hasn’t accessed your system at all.

Denial of Service attacks (DoS)

If you think of the full bandwidth of your office network or Internet connection as a single-lane highway, DoS attacks attempt to send ten lanes’ worth of traffic through the network, effectively causing a digital traffic jam in which no data can be transmitted.

Denial of Service (DoS) attacks have historically targeted Internet Service Providers (ISPs), large corporations, and cloud service providers such as Microsoft, Google, and Amazon. However, attackers have increasingly expanded their focus to include multiple small and medium-sized enterprises (SMEs) simultaneously. These coordinated attacks can cause severe outages, often localised to a specific country or region, and can disrupt thousands of businesses at once. 

These can be difficult to prevent, but as an initial step we recommend installing a modern firewall that is designed to allow only legitimate data into your network.

We recently assisted a client whose website was overwhelmed by thousands of requests — far beyond what their infrastructure was designed to handle. We quickly identified the pattern as a Distributed Denial of Service (DDoS) attack and implemented a multi-layered mitigation strategy. This included deploying a Web Application Firewall (WAF), rerouting traffic through a DDoS protection service, and rate-limiting suspicious IP ranges. Within hours, we restored normal operations and helped the client implement long-term safeguards to prevent future disruptions. 

Web-based attacks 

Often used in conjunction with the other attacks listed above, web-based attacks create a spoofed or manipulated website which appears to be legitimate. For example, an attack might hijack your computer and redirect your email login to a different, identical-looking website, or trick you into going to gooogle.com instead of google.com. These sites can be used to steal data, direct you to install malware, and potentially give the attacker the access needed to carry out a ransomware attack.

These can be easily prevented by web filtering tools, which scan URLs and detect such attacks significantly more effectively than humans can.
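
The gooogle.com versus google.com confusion described above is a check that can be automated. The following is an added example, not code from this article or from any filtering product: it flags hostnames within a small edit distance of a trusted domain. The allowlist, the distance threshold and the sample URLs are assumptions constructed for illustration.

```python
from typing import Optional, Tuple
from urllib.parse import urlsplit

# Constructed allowlist (assumption): domains the organisation really uses.
TRUSTED = ("google.com", "office.com")
MAX_DISTANCE = 2  # assumption: edits at which a name still "looks like" a trusted one


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, keeping only the previous row in memory."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url: str) -> Tuple[str, Optional[str]]:
    """Return (verdict, related trusted domain) for one URL."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return ("invalid", None)
    bare = host[4:] if host.startswith("www.") else host
    for domain in TRUSTED:
        # Exact match or a genuine subdomain; the leading dot matters,
        # otherwise "notgoogle.com" would pass as "google.com".
        if bare == domain or bare.endswith("." + domain):
            return ("trusted", domain)
    for domain in TRUSTED:
        if edit_distance(bare, domain) <= MAX_DISTANCE:
            return ("lookalike", domain)
    return ("unknown", None)


def flag_lookalikes(urls):
    """Return only the URLs whose host imitates a trusted domain."""
    return [u for u in urls if classify(u)[0] == "lookalike"]


# Constructed sample input, not taken from any real log.
SAMPLE_URLS = [
    "https://www.google.com/mail",
    "https://gooogle.com/login",
    "https://mail.google.com/",
    "https://notgoogle.com/",
    "https://example.org/",
]
```

Calling `flag_lookalikes(SAMPLE_URLS)` returns only the gooogle.com entry; an "unknown" verdict means the host is unrelated to the allowlist, not that it is safe.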

In summary, there are a variety of attacks, often aimed at busy users who are simply trying to get their work done.

These attacks, however, can be prevented through a series of supporting systems and tools:

  • Email attacks – install email threat protection 

  • Ransomware – deploy a corporate antivirus solution  

  • Denial of Service attacks (DoS) – put your critical systems behind a firewall

  • Web-based attacks – utilise web filtering

As a bonus tip: they might seem harmless, but hyperlinks and desktop shortcuts are among the easiest ways for attackers to exploit your environment. Whether embedded in emails, documents, or shared drives, they can be manipulated to redirect users to malicious sites or trigger harmful scripts. We recommend removing unnecessary shortcuts and avoiding hyperlinked text, especially in shared files or templates. Instead, paste full URLs where needed and encourage users to verify links before clicking. A little friction up front can prevent a major incident later.

If you are already a client of B.TECH and our Secure365 subscription service, we will have already implemented several layers of security to your Microsoft 365 account, significantly reducing the risk of cyber-attacks. If you would like to learn more about different types of threats and how to prevent them, please check out our website (www.buchanantechnology.co.uk). 

Jordan Gall

Jordan Gall is a Technology Specialist with over a decade of successful experience enhancing companies’ use of technology. Jordan has a keen interest in all facets of technology, especially concerning cyber security, mitigating risk for organisations, and creating efficient processes to streamline the use of technology systems and services.

He personally enjoys a good tennis match but can also be found behind a drum kit trying to compose the latest hit rock song.
