Although we don’t like to admit it, succeeding as a small to mid-sized business (SMBs) takes more than a great idea and strong work ethic. Vigilance and the ability to anticipate the unexpected — whether it’s unforeseen costs, dips in the economy, or other more ominous issues — is all part of the job description for every small business owner.

The hustle and bustle of the holidays leaves room for vulnerabilities to sneak in, as employees plan vacation time, new hires are onboarded, and cybercriminals take advantage of your customers and your business. International Fraud Awareness Week is November 17-23 this year, and there’s no better time to examine some of the “more ominous” of these threats, and the practical ways you and your employees can remain vigilant to fraud.

Fraud is Still a Costly Threat to Small Businesses

A 2019 survey by LexisNexis found that for every actual dollar a business loses to fraud, they incur a total fraud loss of $3.13, costing SMBs thousands to millions of dollars in repercussions. This cost stems from related legal and cybersecurity expenses, untimely reconciliation of accounts, and disruptions to daily business operations.

If business fraud escalates to a data breach, your livelihood is at risk — 60% of SMBs suffering a security incident close their doors within 6 months. Fraud is indeed a threat, but there are positive steps you can take to bolster your business security.

Four Fraud Protection Tips in Honor of International Fraud Awareness Week

1. Strengthen Your Password Policy

Only 39 percent of employees admit to regularly changing all default passwords. Many of these passwords are repurposed within accounts and may have been exposed in a previous data breach. Each business account should have a long, unique password that includes non-dictionary words, numbers and symbols. Remind employees to set time aside to update all passwords and use an encrypted password manager to keep track of them. Use two-factor authentication when applicable, as it is your greatest defense against account takeover fraud.

2. Prepare for Influx of Vacation Time

When employees are away, the fraudsters will play! The end of the year and holiday time leads to fewer resources on hand, allowing everyday procedures to fall through the cracks. Practicing your Incident Response Plan and implementing security awareness training for seasonal employees is key in defending your business during the busy holiday shopping season.

3. Protect BYOD Devices

The increasingly popular practice of Bring Your Own Device (BYOD) to work has significantly increased the number of threats to data security, with more than 80% of employees using their personal phones, laptops, and tablets for business. By refreshing your Mobile Device Policy and investing in a mobile cybersecurity solution, you can ensure your employees are following safe practices that protect sensitive business information.

4. Put Business Identity Theft on Your Radar

Much like individuals, SMBs are also at risk for business identity theft. Criminals may impersonate a business using its name, tax identification number or even the owner’s Personally Identifiable Information (PII) to open new credit accounts, commit tax fraud, rack up debt, and more. Secure and encrypt all business data, including that of your employees and customers, avoid common scams, and review tax records and credit reports for signs of misuse.