Feeling paranoid? Think people are out to get you? If not, you're just not paying attention. Small businesses have gained the attention of large companies who lust after their buying power. And unfortunately, hackers now lust after small business for their intellectual property and customer data, and find smaller companies make easier targets because their defenses are weaker.

So says Dan Hubbard, vice president for security research at Websense, the security firm which just announced the Websense Express product line for SMB. The trend for large companies to make sophisticated security tools affordable for small companies is a trend we should all encourage.

Who says hackers target small businesses besides Websense? How about Visa? According to the credit card company, since 2005 small businesses represent less than 5% of exposed accounts but have been the source of 80% of identified data security compromises (I don't now how they define "small business," so it may be companies with up to 1,000 employees). You know the reason: small businesses don't have the security expertise in house to protect themselves. And crunched budgets often stop businesses from adequately defending themselves even when they know they should.

Hubbard says his company’s research shows phishing attacks have moved from the big national companies down to neighborhood credit unions and small banks. Quaintly known as "puddle" phishing, these attacks prove spam must be cheap, because the phishers will launch millions of messages to get a bite from a customer of a small financial services company with only a few thousand accounts.

Websense says some of the technical managers it has talked to at banks and credit unions don’t know enough about phishing, and even those that do often lack a plan to contact and reassure customers and handle questions when they are victimized.

Even small retailers have value to hackers. Take a look at, say, a liquor store. They do thousands of transactions every week or two. If the store installed its own wireless network with poor security, hackers can sit outside and capture customer data in real time. If they snag one complete transaction, they have a stolen identity in their pocket. They might have done this in the past by dumpster diving and hoping to find credit card receipts, but sitting in the parking lot keeps them smelling better. The fact that most printed receipts today include only a part of the credit card number adds another reason hackers eavesdrop rather than dive.

James Gaskin writes books (16 so far), articles and jokes about technology and real life from his home office in the Dallas area.