Tis’ The Season for Cyber Crime: 4 Cyber Risks to Keep in Mind
Nov Thu, 2018
Every year we eagerly look forward to the holiday season – the best time of the year. Cooking traditional meals on Thanksgiving, attending holiday parties with friends, and snuggling by the fire place are just some of the activities we indulge in – but in the spirit of giving, it’s also the season of heightened cyber crime. No longer are the days where Black Friday lasts one day and entails solely shopping in-store. Now, it’s a month-long event with digital and omnichannel purchasing behaviors dominating consumer motives and employees’ time.
Online shopping through mobile devices and social media networks is at an all time high, leaving shoppers, as well as businesses vulnerable to a number of cyber risks. In this article, we highlight four different cyber risks encountered during the holiday season with tips on how to enhance your cyber security.
As people begin to cross off purchases from their holiday list, hackers will utilize this opportunity to exploit their poor security habits tempting them to click on emails and enter their credentials. This is the time of year where employees might use their company email to retrieve discounts, or participate in company-wide holiday events, increasing the risk of a cyber breach through phishing emails.
Cyber Security Tip: Conduct security awareness training during this time and establish policies for nonwork-related sites, email usage, and reporting of phishing scams.
Mobile Device Misuse
According to a study conducted by McKinsey, this year shoppers will use mobile apps and mobile browsers more – compared to previous years – to purchase items online. Shoppers will connect to insecure public WiFi hotspots to check bank accounts, social media accounts, and make purchases, inputting data that hackers can use to their advantage. Additionally, the use of SMS or text messages containing links, provides hackers another way to phish people and capture their information.
Cyber Security Tip: Verify the websites you visit have a security lock within the web address bar and begins with https, and ensure you log off all accounts if using public WiFi. It’s best to use secure WiFi networks for purchases or accessing banking information to keep your information secure. Also, keep your device’s operating system and apps updated to fix any security weaknesses.
The use of bot technology for cyber crime has increased over the years, as cyber criminals use malware bots to gain control over a computer to gather passwords, log keystrokes, obtain financial information, relay spam, launch DoS attacks, and more. The use of malicious ad bots increase during the holiday season, as fraudsters attempt to takeover consumer accounts and e-commerce sites by deploying bots to steal funds from online virtual wallets, gift cards, discount vouchers, etc. In 2017, economic losses due to bot fraud was estimated at $6.5 billion and doesn’t appear to improve this year.
Cyber Security Tip: Reinforce the tips discussed above for consumer protection – for advertisers and businesses, managed detection and response services can help identify, detect, and protect your organization from malware attacks and external threats.
Identity Theft & Fraud
The number of stolen identities rose to 16.7 million in 2017, through three main threats – credit card fraud, employment or tax-related fraud, and phone/utilities fraud. The graph below depicts year-over-year change from these three types of identity theft since 2013.
Identity theft can occur through the compromise of a person’s personally identifiable information (PII) – social security numbers, birth dates, credit card numbers, etc. Skimming, pretexting, and phishing are all ways hackers can easily steal your PII this season, so it’s important to withhold this information from online sites and emails to prevent your information from becoming stolen.
Cyber Security Tip: Implement strong passwords to protect your devices, ensure firewalls are up-to-date, use the security features on your mobile phone and private networks for sharing PII. Moreover, don’t auto-save passwords or credit card information, and review privacy policies online to understand how your information will be stored, used, and shared with others.
Even though this is the most wonderful time of the year, it’s important to remain vigilant and hold yourself accountable to conduct cyber security best practices that will safeguard your data.
For more information on how to enhance your organization’s cyber security infrastructure, contact our security professionals at firstname.lastname@example.org or 855-732-8826.