Online Scams You Need To Be Aware Of This Holiday Season
With Black Friday rapidly approaching, and the holiday season coming into full swing, it’s essential to remain aware of the most common online scams. Cybercriminals always take advantage of periods with high internet traffic, specifically when online shopping is involved. It’s much easier to launch a successful cyberattack when people have their guard down, feeling pressured to shop online and make the most of the festive deals. Similarly, as offices wind down their business activities in the run-up to Christmas, there may be less IT support actively working round the clock, and employees may be less on the ball with regards to cyber-safety and IT policy.
Today we highlight some of the classic online scams you need to be aware of this holiday season, both professionally and privately. Strict cybersecurity protocols are essential both at the office and at home, in order to preserve your online integrity and safety.
Common Scams in 2022
Over the past couple of years we’ve seen a global and national rise in cyberattacks, partly induced by the increased move towards online and distance working. One of the primary forms of attack that has been on the rise this past year is the phishing attack, with around 8% of people globally having opened a phishing link in the past year. It’s likely this form of attack is already on your security radar, however it’s essential to be vigilant as online shopping and festive duties rise.
A phishing attack is a type of social engineering attack in which criminals attempt to fool a victim into an email or text, apparently from a trusted sender. This is done with the intention of stealing personal and financial data. A similar, but slightly different form of attack is the spoofing attack; in a spoof attack a criminal will again disguise their identity or contact so that it appears to be associated with a trusted source. These can come in email form, or websites can be spoofed to appear to be official.
Common phishing and spoofing attacks that occur at this time of year often relate to delivery of orders, and fake giveaways. Recently cyber-criminals have taken to sending emails or texts under the guise of popular courier and postal services; they will send out links randomly claiming shoppers need to ‘rearrange their delivery’. However, the malicious link will take users to a website that seems genuine, but in fact is a spoof copy. This website will capture your personal information to enable criminals to potentially steal your identity, or ask you to pay for delivery rearrangement, capturing your bank details.
How to counter them?
In a business sense, there are several steps that employees can take to ensure they are prepared to recognise, prevent or remediate potential phishing attacks. For businesses, the core aspects of anti-phishing policy are; good password hygiene; multi-factor authentication (MFA); anti-virus software; and user-awareness training. With these protocols in place, employees are much less likely to fall victim to a spoof or phishing attack - thus protecting business data.
Most importantly, users must be able recognise the signs of a malicious link (in any form of message) in order to prevent an attack progressing; in both our personal and professional lives we receive a multitude of daily emails, with some being more sinister than others. With a phishing email, users need to look out for messages containing bad spelling, poor grammar, general impersonality, or an email claiming to be urgent that needs to be acted upon immediately. If you spot any of these signs in a work email, it’s important to immediately report this to your cyber team. However, if you spot any of these signs while at home, it’s essential to not click the link and verify the information from a true and authentic source.
Boosting Your Cyber Safety
Whilst criminals continue to target individuals and businesses in novel and continuously advancing ways, they also continue to stage attacks via basic tried and tested methods of deception. The scams we’ve highlighted can be used against us in both our personal and professional lives, thus it’s essential to remain vigilant and educated to protect both our business data, and personal data.
With the festive period being a time of celebration and gift giving, don’t let cybercriminals take advantage of your festive mindset to get a hold of your data and money. If you’re worried about your business’ cybersecurity protocols over the coming months, then there’s no better time to ensure your MSP is maintaining and monitoring your security infrastructure.
If you want to solidify your cyber policy this festive season, or implement 24/7 cyber monitoring by our security team, then speak to one of our experts today to discuss how we can move forward together in bolstering your cybersecurity practices.