asking a questions

hi i am wondering what cyber security companies is most smb's using and why ? is it the prices is it the features or the trust ? what makes a cyber security company trustworthy ? and what kinds of attacks are small and medium business owners facing ?? and how often??

reddit.com
u/Important_Claim_1607 — 4 days ago

Brand new and self taught / anything helps

Hey peeps i was just wondering what smb vendors do with all there business emails when they come in

I’m building cybersecurity software to help canadian smb’s and i’m trying to understand what people actually do with emails day to day not theory

When you get invoices vendor requests payment changes attachments links password resets or account updates what rules do you follow before opening or trusting them

How do you check your not getting scammed do you look at the sender hover over links call the vendor check the domain rely on spam filters or just go by gut feeling

I’m not looking for private info or company names just trying to learn what real people actually do with email

reddit.com
u/Important_Claim_1607 — 4 days ago

Just wondering

Hey peeps i was just wondering what smb vendors do with all there business emails when they come in

I’m building cybersecurity software to help canadian smb’s and i’m trying to understand what people actually do with emails day to day not theory

When you get invoices vendor requests payment changes attachments links password resets or account updates what rules do you follow before opening or trusting them

How do you check your not getting scammed do you look at the sender hover over links call the vendor check the domain rely on spam filters or just go by gut feeling

I’m not looking for private info or company names just trying to learn what real people actually do with email

reddit.com
u/Important_Claim_1607 — 4 days ago

Curious

Hey peps i was just wondering what do smb vendors do with all business emails when they come in ? i am building my cyber security software directed to helping the smb's of canada and i need to what you is your routines when getting your emails. i want to know what are your rules you play when opening emails how do you do your checks to make sure your not getting scammed or anything else? any info would help me deeply, thank you in advance anything helps

reddit.com
u/Important_Claim_1607 — 5 days ago

Business owners: would this kind of vendor-payment fraud check actually help you?

i'm working on an early idea and trying to do a sanity-check first, whether the pain is real outside of my own assumptions.

The problem i am looking at is not general phishing or spam. It's more boring but expensive version:

- a real vendor emails an invoice, but the banking details have changed.

- a supplier payment request looks normal, but something is of.

- someone impersonates an owner/CEO and asks for an urgent payment.

- an invoice or payment instruction gets modified before accounting catches it.
- the email looks clean enough that normal filters do not stop it.

The idea is a tool that sits behind normal email security and helps flag vendor payment risk before money moves. Not "this email is spam"

More like:

- this vendors payment details changed.

- this account/routing/payment portal is new for this vendor.

- the request is unusually urgent.

- this invoice/payment pattern does not match prior history.

it would also keep an evidence trail so the business can see why something was flagged and what verification happened.

A few questions:

  1. Have you or someone you know had a close call with fake invoices, changed banking details, or vendor/payment email scams?
  2. If a vendor emailed new payment instructions today, what would your business actually do to verify it?
  3. Would a low-friction “verify this before paying” workflow be useful, or would it just become another alert people ignore?
  4. Who in your business would care most about this: owner, bookkeeper, accountant, office manager, MSP/IT provider, or nobody?
  5. What would make this valuable enough to use regularly?

I’m especially interested in answers from service businesses, small teams, agencies, trades, local businesses, and anyone who handles vendor payments manually.

reddit.com
u/Important_Claim_1607 — 1 month ago

would this kind of vendor-payment fraud check actually help

question about verifying vendor payment changes.

for small businesses, what is the safest practical process for verifying vendor banking/payment detail changes?

for an example:

real vendor or supplier emails saying their payment details have changed before the next invoice is paid.

What should the business do?

My current thinking is:
- don’t trust the phone number or links in the email
- verify through a known-good phone number or separate channel
- document who verified it and when
- require a second person to approve larger payment changes

Is that basically right, or are there better controls small businesses should use?

I’m especially curious how this should work in a small team where there may not be a formal finance department.

reddit.com
u/Important_Claim_1607 — 1 month ago

Business owners: would this kind of vendor-payment fraud check actually help you?

Business owners: would this kind of vendor-payment fraud check actually help you?

i'm working on an early idea and trying to do a sanity-check first, whether the pain is real outside of my own assumptions.

The problem i am looking at is not general phishing or spam. It's more boring but expensive version:

- a real vendor emails an invoice, but the banking details have changed.

- a supplier payment request looks normal, but something is of.

- someone impersonates an owner/CEO and asks for an urgent payment.

- an invoice or payment instruction gets modified before accounting catches it.
- the email looks clean enough that normal filters do not stop it.

The idea is a tool that sits behind normal email security and helps flag vendor payment risk before money moves. Not "this email is spam"

More like:

- this vendors payment details changed.

- this account/routing/payment portal is new for this vendor.

- the request is unusually urgent.

- this invoice/payment pattern does not match prior history.

it would also keep an evidence trail so the business can see why something was flagged and what verification happened.

A few questions:

  1. Have you or someone you know had a close call with fake invoices, changed banking details, or vendor/payment email scams?
  2. If a vendor emailed new payment instructions today, what would your business actually do to verify it?
  3. Would a low-friction “verify this before paying” workflow be useful, or would it just become another alert people ignore?
  4. Who in your business would care most about this: owner, bookkeeper, accountant, office manager, MSP/IT provider, or nobody?
  5. What would make this valuable enough to use regularly?

I’m especially interested in answers from service businesses, small teams, agencies, trades, local businesses, and anyone who handles vendor payments manually.

reddit.com
u/Important_Claim_1607 — 1 month ago
▲ 2 r/CyberSecurityAdvice+1 crossposts

Business owners: would this kind of vendor-payment fraud check actually help you?

i'm working on an early idea and trying to do a sanity-check first, whether the pain is real outside of my own assumptions.

The problem i am looking at is not general phishing or spam. It's more boring but expensive version:

- a real vendor emails an invoice, but the banking details have changed.

- a supplier payment request looks normal, but something is of.

- someone impersonates an owner/CEO and asks for an urgent payment.

- an invoice or payment instruction gets modified before accounting catches it.
- the email looks clean enough that normal filters do not stop it.

The idea is a tool that sits behind normal email security and helps flag vendor payment risk before money moves. Not "this email is spam"

More like:

- this vendors payment details changed.

- this account/routing/payment portal is new for this vendor.

- the request is unusually urgent.

- this invoice/payment pattern does not match prior history.

it would also keep an evidence trail so the business can see why something was flagged and what verification happened.

A few questions:

  1. Have you or someone you know had a close call with fake invoices, changed banking details, or vendor/payment email scams?

  2. If a vendor emailed new payment instructions today, what would your business actually do to verify it?

  3. Would a low-friction “verify this before paying” workflow be useful, or would it just become another alert people ignore?

  4. Who in your business would care most about this: owner, bookkeeper, accountant, office manager, MSP/IT provider, or nobody?

  5. What would make this valuable enough to use regularly?

I’m especially interested in answers from service businesses, small teams, agencies, trades, local businesses, and anyone who handles vendor payments manually.

reddit.com
u/Important_Claim_1607 — 1 month ago