VHG Warns: Fake Invoices, Data Breaches and Ransomware Also Threaten Small Landscaping Businesses |
|
|
|
|
 |
| 189 sec |
A cyberattack can bring a landscaping business to a standstill
Customer data stolen. Invoices paid to cybercriminals. Business software held hostage. This does not only affect large companies. Industry association Royal VHG, the Dutch trade association for landscaping and green sector businesses, sees that cybercrime is also affecting the landscaping industry and warns entrepreneurs to make digital security a permanent item on their agenda. 'Hackers do not look for large or small companies,' says Richard Maaskant of Royal VHG. 'Cybercriminals look for and find vulnerable businesses.'
| Royal VHG advises landscapers to carefully assess whether their digital security is still in order. |
On a Monday morning, a landscaping company tries to start its systems, but nothing works. The files have been encrypted and a message appears on the screen: 'Hacked'. The company is then asked to pay an amount in Bitcoin to regain access to its systems. No planning means no operational control. No time registration means no invoicing. No invoicing means no income. 'If systems are unavailable, it directly affects the continuity of an SME,' says Maaskant. In addition to lost revenue, businesses may face IT recovery costs, possible reporting obligations in the event of a data breach and reputational damage. One week of downtime can cost a small company thousands of euros.
|
|
'No access to your systems means no control over your business'
| |
|
Invoice Fraud and Sophisticated Phishing
Not every attack starts with ransomware. Invoice fraud and phishing are common. Cybercriminals send invoices or emails that are almost impossible to distinguish from genuine communications. The logo is correct. The layout is correct. Only the bank account number or link is different. Spam messages are no longer full of spelling mistakes. Messages are professionally written and sometimes almost identical to real communications. 'Cybercriminals analyse how a business operates,' says Maaskant. 'They look at regular suppliers and payment moments. They exploit that information in a targeted way.' Artificial intelligence is being used more and more frequently. Messages are automatically tailored to the recipient. Even phone calls can be imitated.
'The voice sounds convincing and the story appears logical,' says Marc Derksen. 'That is exactly why the risk is greater.' During busy periods, a fraudulent invoice may be paid without anyone noticing. In most cases, the money cannot be recovered.
Website Misused
In the sector, a landscaper's webshop was copied. Customers paid through a fraudulent website. The money never reached the legitimate company. 'That leads to angry phone calls from customers,' says Maaskant. 'While the company itself had no idea what was happening.' The damage goes beyond lost revenue. Doubts about data security undermine trust. In a regional market, this can directly affect new business opportunities.
 | | Richard Maaskant. |
|
|
|
|
'Trust is easily damaged, but difficult to restore'
| |
|
Employees and Work Phones
Many landscapers use tablets and mobile phones on site. Planning information and customer data are stored on mobile devices. 'If a work phone is used for untrustworthy apps or visits to unsafe websites, it can provide an entry point for cybercriminals,' says Maaskant. Clear agreements on device use, encryption and the remote wiping of lost devices are essential. 'Technology alone is not enough,' says Derksen. 'Employee behaviour also determines the level of risk.'
Not a One-Time Action
More and more landscaping companies are digitising their processes. Many entrepreneurs have already implemented security measures. According to Royal VHG, the risk is not unwillingness but complacency. 'Entrepreneurs are working on it,' says Maaskant. 'But digital security is not a one-time investment. You are never finished.' 'Cybercriminals use bots that scan systems for vulnerabilities day and night,' Derksen adds. 'Anyone who postpones updates leaves known security gaps exposed.'
|
|
'A five-minute update is cheaper than weeks of recovery'
| |
|
Cyber Insurance
More and more entrepreneurs are taking out cyber insurance policies. These can cover costs related to IT recovery and legal assistance. According to Royal VHG, however, insurance is a safety net, not a solution. 'Insurance does not replace good security,' says Maaskant. 'Moreover, insurers impose requirements on your digital security measures.'
What Does Royal VHG Say to Entrepreneurs Who Think This Won't Happen to Them?
Many landscapers believe their business is too small to be of interest to cybercriminals. According to Royal VHG, that is a misconception. 'Cybercriminals do not discriminate,' says Maaskant. 'Their business model is based on finding weak spots.' Even a small company manages personal and banking data. 'If your planning system is down for a week, you will feel it immediately in your revenue,' says Maaskant. Digital security is part of professional entrepreneurship.
 | | Marc Derksen. |
|
|
What Should You Have in Place?
Entrepreneurs do not need to be IT specialists, but they do need to know whether the basics are in order and ask targeted questions of their IT provider. 'If you do not get a clear answer to any of these questions, you should keep asking,' says Derksen.
Ten Questions for Your IT Adviser
1. Is Multi-Factor Authentication enabled on all accounts?
2. Has the backup been tested and is recovery demonstrably working?
3. Are security updates installed immediately?
4. Is there a concrete action plan in place for a ransomware attack?
5. Is access to critical data restricted to employees who need it?
6. Are employees trained to recognise phishing attempts?
7. Are laptops and phones encrypted and capable of being wiped remotely?
8. Are suppliers assessed for digital security risks?
9. Has a penetration test been carried out recently?
10. Is the company prepared for NIS2 obligations, where applicable?
|
Together Digitally Secure
Royal VHG points entrepreneurs to the Samen Digitaal Veilig platform and the Digital Trust Center of the Ministry of Economic Affairs for practical support and up-to-date information. 'Digital security requires continuous attention,' Maaskant concludes. 'If you only take action when your system no longer starts up, it is already too late. By then, you may have lost not only your data, but also your customer's trust.'
This article was previously published on 28 May 2026 on the De Hovenier website.
| LOG IN
with your email address to respond.
|
|
|
| There are no comments yet. |
|
| |
Anyone can place small ads for free through their own account.
Place a free ad
|
|
|
|
