Issue #120 - Another Cyber Security Issue 👾

Watch out for Black Friday and Holiday Season scammers 💸 | What is cyber insurance?🔒 | What does Business Insurance NOT cover? 🔓 | 5 businesses, 1 question 🤔 | Words | Tunes | More

Nov 07, 2025

🦾 GO

Watch out for Black Friday and Holiday Season scammers 💸

Now that Halloween and Bonfire Night are both out of the way, we can look ahead to the festive season without fear of being given a Grinch-like lecture on how it’s too early to talk about Christmas (there, we said it).

But we’re not going to talk about how to boost business over the holidays (yet). Instead, we’re going to focus on cybersecurity because there sure are a lot of scammers out there, especially at this time of year.

In the 12 months to August 2025, the UK experienced a 50% increase in cyber-attacks, with the National Cyber Security Centre (NCSC) dealing with 204 “nationally significant” attacks - that’s about one every other day.

And the latest government figures show that nearly half of businesses (43%) and about a third of charities (30%) reported having experienced any kind of cybersecurity breach or attack in the last 12 months.

This works out at about 612,000 UK businesses and 61,000 UK charities that identified a cyber breach or attack in the past year.

Major companies like Marks & Spencer, Co-op, and Jaguar Land Rover have been victims of high-impact attacks. But micro and small businesses have also been targeted by cyber criminals, with an average cost of £7,960.

And the increase in online shoppers at this time of year can send scammers into a feeding frenzy - more than 16,000 reports of online shopping fraud were recorded between November 2023 and January 2024, with each victim losing an average of £695 (we’ve not yet got the 2024/25 figures).

So, how can you protect your business? We got some expert advice from Phil, our Cyber Security Lead, here at Bionic:

Firstly, the NCSC encourages businesses to look into Cyber Essentials - a core standard to help with cybersecurity protections. This also includes FREE access to a bunch of tools. Visit the government's Cyber Essentials page to find out more.

Getting Cyber Essentials will really help with the six core points below:

1. UPDATE all software, plugins, and antivirus tools to patch vulnerabilities
2. Train staff to spot PHISHING emails and avoid suspicious attachments or links
3. Use strong, unique passwords and enable MULTI-FACTOR AUTHENTICATION on all business accounts
4. Regularly BACK UP your website and critical data to a secure off-site location so you can quickly recover if attacked
5. Ensure your payment systems are PCI compliant, and only collect the MINIMUM CUSTOMER DATA required.
6. Set up a process to VERIFY PAYMENTS BEFORE paying (to avoid paying hackers posing as you, your boss, or your colleagues)

Cyber Essentials helps demonstrate and reassure customers that you’re taking the protection of their data and the security of your business seriously.

Once certified, you can display the Cyber Essentials logo on your website and to your customers.

In other news, we’re trialling a new video series of 60-second explainers. Our first is on the RAB nuclear levy. Let us know what you think…

@bionic_business 🔎 What is the RAB nuclear levy? Find out with our 60 second explainer! ⬆️ UK businesses & homes now pay extra on electricity bills for new nuclear projects! 💡 The initial rates is 0.3455p per kWh - about £35 a year for 10,000 kWh – but this will be reviewed each quarter. 🏭 Only Energy Intensive Industries with exemptions don’t pay. Always check if your quote includes it! 🔎More info? Search “what is the RAB nuclear levy Bionic.” #RABLevy #BusinessEnergy #EnergyBills #NuclearEnergy #EnergyCosts

Tiktok failed to load.

Enable 3rd party cookies or use another browser

🙌 COMMUNITY

Join our community of small business superheroes 🦸‍♀️

Small business owners are the superheroes of the high street. But small business owners rarely get their voices heard. Now there’s a place to chat, share advice and help each other through the lows and highs of running a business. To get involved, scan or click the QR code above or click the button below to sign up.

Count me in!

🗞 READ

What is cyber insurance? A helpful guide for your small business 🔒

If your business uses any connected devices, such as laptops, payment devices, smartphones, and even fish tanks (check out our latest “Did You Know..? below), it’s at risk from hackers and cyber attacks.

According to a 2024 survey from Cyber Security Breaches, 50% of businesses in the UK reported having some kind of cyberattack - up 20% from 2023.

To help tackle these threats, businesses should consider cyber insurance. But what exactly is it? We’ll walk you through everything you need to know about cyber insurance and how it could save your business in the long run.

Cyber insurance and your small business

What does Business Insurance NOT cover? 🔓

Awareness of your policy’s exclusions is also an important part of your overall risk management strategy — but how?

Well, if you know that certain risks aren’t covered, you can implement measures to help minimise those risks. For example, if your policy excludes cyber attacks and your business operates online, it might be a good idea to invest in cybersecurity measures to protect your business data.

Do you have cyber insurance?

📬 SUBSCRIBE

Enjoying this issue? Subscribe and you’ll get a new issue straight to your inbox at 7 am every other Friday. Get involved 👇

Hackers once breached a North American casino through its internet-connected fish tank. The smart tank, used to monitor water conditions and automate feedings, was exploited to steal 10 GB of data. Darktrace detected the unusual data transfer to a server in Finland, highlighting the growing security risks of poorly protected connected devices.

🗣 SHOUTOUT

#BionicBusinessStory - 5 businesses, 1 question 🤔

It’s easy to assume that cyber attacks are a ‘big’ business problem - why would anyone want to hack a greengrocer or salon? But cyberattacks are often automated and indiscriminate - anyone can be a target, and everyone should be vigilant. This Reddit thread highlights small business owners’ biggest fears when it comes to getting hacked or scammed.

As a small business, what’s your biggest concern about cybersecurity?

🎣 “Phishing. It always comes down to phishing emails and shady websites. It’s a drive-by scam, and all of a sudden, your data is crypto-locked with a Bitcoin ask to fix it.

“Make sure you have a true off-site backup that’s done regularly of your information. Not only does this minimise what can get hit, it also keeps someone from running off with a computer, a fire, or other data loss situations. Someone local should not be able to access backups without extra security.

“And limit password access to someone you trust will keep those passwords safe. Someone savvy enough to use best practices to keep them safe and won’t share them.”

📝 “For a lot of small businesses, it is not having good answers for customer security questionnaires, and impacting sales or compliance with a contract they have already signed with a customer.”

🔒 “Vulnerability patching [installing software updates to fix security gaps hackers could exploit] and remediation [the broader process of identifying, fixing, or reducing vulnerabilities through patching, removing risky software, or changing settings—keeping your systems protected against attacks.]”

👾 “Getting your account leaked to the dark web. My small business doesn’t have a security team (working on it though), and I always heard people saying what could happen if your or your employees’ data gets into the dark web and you miss this information. My partner and I decided to get a threat management tool, and honestly never regretted it.

Check out this Reddit thread for a comparison of threat management tools.

💽 “[Offline or offsite] backups. If my sh*t somehow gets ransomwared, I can re-image my computers and easily have everything back.”

📊 BUSINESS

Get your business costs sorted 💷

Bionic is the comparison site for your small business. We compare a range of business essentials to help you save time, money, and hassle.

Our tech-enabled team will answer all your questions in simple terms, and help you find the best deal on business energy, insurance, phone, broadband, or finance. No jargon. No-fuss. #BeABionicBusiness 🦾

Get business utilities sorted

🎧 LISTEN

Playlist 🎶

The leaves are off trees, it’s cold, wet, dark, and our pets have been scared half to death by what seems like a whole month of fireworks - winter is here. But it’s not all bad, as now is the perfect time to hunker down and listen to Warm Electronic Music for Winter - nearly nine hours of the best chilled-out tunes. For best results, sit back and relax with a mug of hot chocolate or something stronger, if that’s your thing.

Podcast 🎙

We’ve found another cybersecurity-based podcast for another of our cybersecurity issues. Darknet Diaries explores true stories of the dark side of the Internet. Host Jack Rhysider takes you on a journey through the chilling world of hacking, data breaches, and cybercrime with guest stories from those who know all about it.

👩‍🤝‍👩🏾 SHARE

If you love The Backbone (or even if you just quite like it), share it with someone who has equally great taste in email newsletters.

Share The Backbone

🏡 HOUSEKEEPING

Check your folders 📁

If The Backbone isn’t landing in your inbox every other Friday, please mark this address as ‘not spam.’ If it isn’t in your spam folder, it may have been moved to another folder, like ‘Promotions’ or ‘Social’.

🚫 STOP

Thanks for making it to the end of another Bionic small business bulletin 🤝🏻

Carry on the conversation at our Bionic socials 🤳

Please leave a comment and let us know if there’s anything else we should be featuring.

The Backbone