Christmas holidays are just around the corner, and so is Christmas scam. More online shopping, posts and ads on social media, all the rush and fuss about closing projects in the office, and all other activities and errands in our free time are a threat to cybersecurity in Christmas season. They increase the probability for a successful cyber-attack.
All that cyber criminals want are stressed and unfocused users. They are waiting for the perfect moment to send a phishing e-mail and trick the victim into clicking on a malicious link, make payments on their accounts, or deliver sensitive data. Moreover, they rely on the “out of office” status of a great amount of IT professionals and cybersecurity guards.
What are the most common traps that we have to be aware of?
- Fake notifications sent on behalf of “delivery services” regarding parcel tracking,
- Fake messages from online shops about unsuccessful payments,
- Fake online shops or merchants on e-markets,
- Messages on urgent password changes in e-banks.
As a rule, banks will never use e-mail communication or a phone call to ask you to send over sensitive data or change your password. Payments in online shops should also be proceeded through official banking services, not by direct transfers to the seller’s account.
Make sure that in your business environments your IT departments are not understaffed during the Christmas season. Cybersecurity detection and response should be as prompt as in any other time of the year.
And most importantly, educate and train your users in recognizing social engineering before the season’s peak. Real-case scenarios and example-based datasheets are the best possible training. Employees that will click on the link in a simulated phishing campaign once and receive a training in return, will surely be more cautious when opening e-mail messages and their attachments, or clicking on the links in the future.
Traditionally, with the holiday season at the doorstep, KnowBe4 prepared a special free toolkit to help you organize a complete security awareness training and improve users’ resilience to cyber-attacks and strengther you cybersecurity in Christmas season. Download them with a click of a button*!
*If you prefer copy-pasting the URL to the tool bar, use this link: https://www.knowbe4.com/holiday-resource-kit-partner?partnerid=0013Z00001hATgOQAW