
What Business Owners Need to Know About Cybercrime

Protecting your business against fraud and cybercrime is important for business operations. Learn the different types of cybercrime and how to protect yourself.


Microsoft, TicketMaster, AT&T, UnitedHealth, and the U.S. Department of the Treasury. What do they have in common? They've all been victims of cybercrime.

But high-profile organizations aren't the only cybercrime targets. In fact, small and medium-sized businesses experience three times as many cybersecurity incidents as large businesses, according to Verizon's 2025 Data Breach Investigations Report (DBIR). FBI data shows that U.S. businesses lost nearly $2.8 billion in business email compromise scams alone in 2024.

Regardless of size, there are ways to protect your business. Understanding how breaches happen, what crimes cybercriminals tend to commit, and your responsibilities as a business owner can help you reduce your risks.

How do hackers breach businesses?

Understanding the most common ways cybercriminals breach business systems can help you reduce those vulnerabilities.

  • Credentials theft (aka harvesting or stuffing): Credentials theft is stealing personal information such as usernames, passwords, and financial data to access a system. In 2024, credential theft accounted for 22% of business breaches, according to Verizon data.*
  • Software vulnerabilities: A software vulnerability is a security flaw or weakness in software code that criminals exploit. Verizon’s DBIR noted a 34% year-over-year increase in software vulnerability breaches in 2024, representing one in five breaches.
  • BEC/phishing: Business email compromise (BEC) is a cybercrime where attackers use email to impersonate a trusted person or organization, tricking employees into wiring money, revealing sensitive information, or performing other risky actions. BEC is a highly targeted form of phishing (defrauding victims via email, text, or other means of communication), and can result in significant financial losses.

In 2024, phishing attacks enabled 16% of breaches. Artificial intelligence is super-charging phishing as criminals leverage AI to generate emails, clone voices, and craft highly personalized messages. For more on phishing, watch BMO’s “What is phishing?” video.

Who is to blame? Just 1% of breaches were initiated by business partners in 2024, but insiders were involved in 18%, so owners should be vigilant about employee access to sensitive systems. The vast majority of breaches—81% in 2024—are committed by criminals outside a business.


What cybercrimes happen during breaches

Of course, access alone isn't what cybercriminals are after. Financial gain is nearly always the goal, and here are some of the ways they attempt to steal from businesses.

  1. Ransomware: The most common cybercrime is ransomware, in which criminals infiltrate a company’s computer system, lock out administrators, and threaten to do damage unless the company pays up. In 2024, 44% of business breaches involved ransomware, up from 37% in 2023, according to Verizon. Ransomware is a type of malware, or malicious software, which is designed to cause harm to a computer. On a positive note, the amount of ransom scammers demand has been declining as more companies refuse to pay and law enforcement targets ransomware infrastructure.
  2. Data theft: Cybercriminals frequently aim to steal sensitive data, such as financial records, personal information, and intellectual property. In 2024, data theft was an outcome in 18% of cyberattacks tracked by the IBM X-Force 2025 Threat Intelligence Index.

    Data theft can take several forms. Frequently, cyber attackers sell credentials and sensitive consumer data to other criminals. Attackers can also use stolen business information to commit business identity theft. Similar to personal identity theft, they use the data to imitate the business and obtain benefits in its name.

  3. Extortion: In extortion cases, attackers gain access to a business’s sensitive data or systems and demand payment. Rather than using malware to lock out administrators, attackers steal or copy confidential data that could damage the company and demand payment in exchange for not releasing it to the public. Extortion was involved in 13% of cyberattacks in 2024, according to IBM’s latest X-Force report.

  4. Impersonation: Cybercriminals use BEC to impersonate an employee with financial authority. The impersonator directs the employees who receive the email to make a fraudulent money transfer or other financial transaction.

How can you protect your business against cyberattacks?

Cybercriminals are always changing their methods. But there are ways to limit your business’s vulnerabilities to these attacks. In 2019, BMO brought together its expertise in cybersecurity, fraud, physical security, and crisis management and formed BMO’s Financial Crimes Unit. This team is setting the standard for bank security by working to detect, prevent, respond to, and recover from security threats.

BMO’s Financial Crimes Unit can help you protect yourself and your business from cybercrimes. Consider these simple steps:

  • Make browsing safer: One way to reduce the risks of online fraud and financial malware on your computer is to invest in reliable malware protection software. Shop for the security software that best meets your business’s needs. You can also try using a product called IBM® Trusteer Rapport®. Download this free software to secure your desktop browser. It will help protect you while you bank online, and you can use it on other sites where you read or send personal information. Learn more here about how to protect yourself.
  • Thwart email scams: Fortify your business against email scams with these steps:
    1. Teach employees the telltale signs of email scams and emerging security threats from artificial intelligence. Implement security trainings at regular intervals to keep cyber awareness top of mind for employees.
    2. Require secondary approvals for payments, wire transfers, and other financial transactions.
    3. Establish a callback process for any changes to your business's established payment processes.
    4. Have established controls and written procedures for your vendors.
    5. Review and update employee access to limit potential system vulnerabilities. 
  • Spot impersonation scams: Help keep impersonation scammers at bay.
    1. Avoid urgent requests.
    2. Ignore all unsolicited calls or emails.
    3. Don’t give out non-public information to unsolicited callers or emailers.
    4. Double-check email addresses and URLs for typos—a classic scam red flag.
  • Have a cyber incident plan: How your business reacts in a cyberattack may mean the difference between a coordinated response and catastrophe. Who does what? What if the media calls? Who is your local law enforcement contact? These basic questions and others need thoughtful answers. The federal government has resources to help:
  • Don’t open suspicious emails: Never, never, never open dubious emails. BMO clients are encouraged to send suspicious emails—as attachments, without opening them—to BMO at our designated email address: phishing@bmo.com.
  • Consider cyber insurance coverage: Even the most aware and prepared organization can experience a breach. Cyber insurance can help defray the costs of defending against and recovering from a cyber incident.

What to do if your business is targeted

If you know or suspect cybercriminals have breached your business, act fast. Start by opening your cyber incident plan, which should be your guide during an attack. You’ll want to notify law enforcement, affected businesses, affected individuals, and, depending on the circumstances, your bank and government entities. In addition to the steps below, you may want to review the Federal Trade Commission's Data Breach Response: A Guide for Business.

  • Law enforcement: Call your local police department immediately. Also, contact the local office of the FBI or the U.S. Secret Service. For incidents involving mail theft, contact the U.S. Postal Inspection Service.
  • Affected individuals and businesses: A breach of business systems is likely a threat to customers, corporate clients, suppliers, and other business partners. Alert them right away to increase the odds that they can protect themselves.
  • Financial partners: Many banks have expertise in both physical security and cybersecurity. BMO, for example, has its own Financial Crimes Unit with expertise in cybersecurity, fraud, physical security, and crisis management. A quick call to your bank may help mitigate some of the risks to your business.
  • Determine your legal requirements: Even before a breach, research your legal responsibilities, particularly related to protecting your customers’ information and reporting breaches to the appropriate authorities. All states require notification of security breaches involving personal information. In addition, depending on the types of information involved, other laws or regulations may apply. You may want to consult an attorney to understand your business or industry's specific obligations. Healthcare, for example, has a number of industry-specific consumer notification rules.

The goals of scammers have not changed that much since 1834, when history’s first hackers convinced a French Telegraph System insider to help them manipulate financial data transmitted over telegraph lines. Like then, today's cybercriminals exploit technological and human weaknesses for financial gains. But now there are many resources available to help businesses reduce risks. Learn more about how to protect your business at BMO’s Security Learning Center.

*All data points in this article come from Verizon's 2025 Data Breach Investigations Report, unless otherwise cited.
