It comes after a Scottish hairdressing firm was hit with a 1,000 euro (£720) ransom demand by hackers who managed to lock the company database and threatened to delete vital information.
The Federation of Small Businesses (FSB) believes smaller companies are being targeted as larger firms step up their online security but believe cases are not being reported to the authorities for fear of “scaring customers”.
Ellen Conlin Hair & Beauty, which has salons in the west end of Glasgow and Giffnock, revealed it was subject of a cyber attack last week on the system used to store appointments, wage details, client histories and stock information.
A Facebook statement read: “Unfortunately we have found ourselves the victim of a rather nasty cyber attack which took place last weekend leaving us with literally no appointment data.
“Fortunately no personal data has been compromised with this attack, however we no longer have contact details for a large number of clients.”
Colin Borland, of FSB Scotland, said it is the first case of its type he has heard of in Scotland but “would put a substantial amount of money on the fact it’s not the first time it has happened”.
“Cyber crime is massively under-reported and it is partly because people don’t want to admit they have been conned or caught out for fear of scaring customers,” Mr Borland said.
“You don’t want to give the impression that you might be a soft touch, but it can happen to anyone as we’ve seen recently, and as big companies tighten up their online security then these criminals are going to be looking elsewhere.
“We advise members to follow the advice of the Scottish Business Resilience Centre to stay safe online and look into insurance against this kind of attack of data loss.
“Everyone will have insurance for their property or vehicle but very valuable data is often not insured and people should consider that.”
Ken Main, who jointly owns Ellen Conlin, said it is unclear where the case is being investigated as the company that run the software used by the salon is based in the south of England.
He told a regional newspaper: “It is one police force arguing with another.”
He added: “Nobody is telling people (about cyber crime). I am sure there are hundreds of people being hacked and they are not saying anything, and they are just paying the money and that’s it.
“It’s a money-making scam. What people need to understand is they should not pay the ransom unless they are 100% sure they get their information back. The word has to go out, do not pay hackers because they will not give you back the information.”