Cybersecurity and the Holiday Season
Be ready for seasonal cyber scams
by Carolyn Schrader
The holiday season is a prime opportunity for cybercriminals to target people and businesses. Employees are more apt to be shopping using employee equipment. Businesses are buying gifts for staff, clients, and business partners. Vigilance and a strong measure of skepticism can help reduce the chances of being a victim.
Eight scams to be ready for include:
1. Social Media Scams with fake offers or discounts
Everyone loves a deal. Unfortunately, the criminals rely on this human behavior. Fake offers and too-good-to-be-true discounts increase during the holiday shopping season.
Businesses should alert their employees who might be shopping using a company computer or mobile device. Shoppers should patronize reputable, known shopping sites and be cautious using sites that cannot be verified.
2. Fraudulent links and URLs
Business owners should remind their employees that fraudsters may established a fake website that look like an official known site. Savvy shoppers should look closely at the URL link to make there are no misspellings in the name or an extension other than dot com unless it is known the site has another extension. Do an internet search on the business name to see what the typical response is.
3. Emails offering bogus deals
Cyber criminals use email addresses either stolen or easily available from social media to offer bogus deals. As with social media scams, people need to use caution. Even if the offer appears to be from a known site, it is safer to go to the site’s URL directly and check out the offers there.
4. Fake purchase invoices
Scammers targeting businesses can easily send fake purchase invoices to someone in your accounting department or an administrative assistant. The fake invoice may have malware embedded or the invoice may be an attempt to get money sent to a cybercriminal. If your employees are buying gifts for customers or staff, make sure whoever pays the bills knows the real merchant to reduce cyber risks.
5. Shipping status malware messages
Malware can be embedded in a shipping status email. Once the attachment is opened, malware can infect a computer and then the network. Advise employees that to help protect the company’s network, they should type the tracking number directly into the shipper’s website, rather than click on any links within the email.
6. Charity-related holiday scams
Charity giving increases during the holiday season and unfortunately, cybercriminals take advantage of that. They may send emotional emails requesting funds and even have a website talking about their fake charity. If the charity is not a highly recognized name, a thorough search on the Internet will help determine if the cause is legitimate. Businesses should donation to their choice of charities through safe channels such as through a service organization, directly to a community based charity or via an Internet verified website.
7. Unauthorized charges to bank account
Businesses should keep a close eye on their bank account activity during the holiday season and immediately contact their bank about any irregularities. Your backup staff should know how to handle wire transfers and invoice payments if the primary staff is out of the office.
8. Unauthorized charges to debit or credit card
This is the season to watch for any unauthorized charges to personal or business debit or credit cards. Balances on cards are that are infrequently used should be reviewed to ensure a card stolen in a recent hack is not being used by a criminal.
About the Author - Carolyn Schrader is a seasoned cybersecurity professional and founder of the Cyber Security Group Inc., providing corporate cybersecurity services to high profile clients.