Thanksgiving is almost here, and hopefully, you’re spending quality time with your family, friends, and loved ones. Ideally, that means less screen time and fewer emails. Realistically, we’re all still connected—especially once Black Friday, Small Business Saturday, and Cyber Monday arrive.
Even simple online shopping and social media scrolling can be dangerous, though. Email, web, and text-based scams always increase this time of year as hackers try and take advantage of increased digital activity and decreased cybersecurity awareness.
Security experts estimate that a third of all Americans were targeted by known phishing attempts in 2020 when consumers were expecting more marketing and advertising emails from retailers. When inboxes are busier than ever, it’s easier for cybercriminals to slip their malicious messages by an unsuspecting user. These messages often promote too-good-to-be-true sales and a “Click now!” mentality that can easily be manipulated.
Consumers may also be looking for regular shipping and delivery notifications, two tactics that are regularly adopted by hackers who try to lure people into opening malicious attachments. Anyone who falls for one of these ploys could go from an excited shopper to a ransomware victim in seconds—especially if they’re distracted by other holiday diversions.
These time-sensitive schemes are often deployed against people who work in season-specific industries like retail, shipping, and manufacturing, too. Most of those industries are suffering from significant global supply chain disruptions, right as they enter their busiest time of the year. Employees in these sectors may be overworked, distracted, or dealing with frustrated customers, making them drop their own guard.
Hackers have proven particularly adept at spinning this to their advantage, crafting sophisticated phishing scams and cleverly worded social engineering messages in hopes that a stressed staffer will miss these obvious cues and go along with illicit requests.
Many businesses aren’t waiting for Black Friday to kick off their holiday shopping season, urging customers this year to place orders and fulfill wish lists earlier rather than later. That means deal emails as early as Halloween and online ordering windows compressed into late November and early December. As we’ve seen with other holidays, this behavior probably won’t revert to past patterns, so the time frame when consumers should remain vigilant for shopping-related scams will permanently move up. COVID-19 has forced most of us to rely on virtual connections with family, friends, and colleagues. When you’re planning a FaceTime, Zoom, or Skype call with distant relatives, loved ones, or work friends, make sure you use a secure Internet connection. If you’re scheduling a video meeting with lots of participants, make sure it’s through a password-protected link. “Zoom bombing,” the online offhand for uninvited or unwelcome participants disrupting an online call, does happen over the holidays—and increased last year during the pandemic. If you’re planning to chat with older relatives who don’t do so well with technology, hold a practice call first to help them become more comfortable.
Before you click a deal email to start online shopping, hover over the link with your mouse—or click and hold it on a mobile device—to ensure it has a trusted brand’s URL. Or, even safer, manually type in the web page you want to visit, then make sure it loads with “https”—that extra “s” stands for “secure”—or a lock symbol in the URL address. This demonstrates that personal data is being routed through an extra layer of security before shopping begins. NEVER open an unexpected attachment from an unfamiliar email address as these can instantly load malware or ransomware onto your device.
If possible, use credit cards instead of debit cards when you shop online; credit cards typically offer extra layers of fraud monitoring, dispute procedures, and other protections. When you shop in person, make sure you keep your cards safe and secure at checkout, shielding the number when you tap to purchase or blocking the keypad if you enter your PIN. During heightened periods of retail activity, keep a close eye on your financial, email, and social media accounts for any unusual activity that could result from compromised information. And NEVER click on any too-good-to-be-true pop-up ads—they will inevitably lead you to a fake external site that could install malware on your device or steal your credentials. If problems do occur during the holiday shopping season, the simplest way to avoid serious negative consequences is with a reliable data backup. When you back up business or personal data regularly, remotely, and redundantly, any external infection or data disruption can be mitigated by falling back on a copy of critical information, ideally stored in separate cloud-based and physical locations. Without this simple step in place, one click on one bad email or one slip-up with a credit card can easily devastate consumers and companies.
This holiday season, let’s leverage technology for good, relying on it to stay connected with family, friends, and loved ones while remaining vigilant of the threats posed by heightened online activity. Hopefully, you’ll find time to log out and disconnect while giving thanks for the friends beside us, the food before us, and the love between us—this week and for the rest of 2021.
Have questions? Contact CMIT Solutions today.