Friday marks the official beginning of the holiday shopping season and no one is more excited than cyber hackers. During this time of year, the opportunities to take advantage of unsuspecting and often overwhelmed holiday shoppers create a playground for bad actors. Did you know you are 30% or more likely to be successfully hacked during the holidays?!? Here are traps to be on the lookout for, how they work, and tips to avoid a hacker holiday.
Masquerading as your favorite retailer. You’ll be receiving a flood of holiday emails, and some will appear to be from trusted businesses or organizations. Behind the cheerful holiday greetings, “exclusive” or “limited” holiday deals, or even order confirmations is actually an attempt to steal your sensitive information. You need to review URL links BEFORE you click on them. Hover over the link and inspect the URL. Is the retailer spelled correctly? Does it go to a secure website (starts with “https”)? If you mistakenly click on a malicious link, you could be downloading malware or be taken to a site where you give up your personal or financial data.
Dreamy Promotions. These too-good-to-be-true promotions or discounts could come through emails or social media posts. You see a great deal dressed up as if it’s from a trusted retailer or even a friend or trusted influencer. Typically these types of attacks process transactions, but you never receive your order. Bad actors are stealing your money AND they have your personal financial information to sell on the dark web. As always, inspect any URLs for red flags. Do a quick search to see what kind of prices are being offered elsewhere. If the price or promotion is significantly less than any other offer for the same product, it is more likely a scam than a great deal. If the deal is coming through a platform you are unfamiliar with or one that is easily manipulated (like TikTok or Instagram), but not through the manufacturer or well-known retailer, be extra cautious before you click through and give away your money and data.
You’ve Got Mail. The USPS alone expects to process 800 million packages during the holiday season, so you can imagine the volume of the four major delivery carriers over the next few weeks. Packages DO get lost. Bad actors take advantage of this and spoof carrier emails or texts to send fake delivery tracking or problem links which most often prompt you to inadvertently download malicious software to your device. The best way to avoid mistakenly clicking on one of these malicious notifications, check the tracking link provided in your original order or with the sender directly.
It is critical for you to stay alert and vigilant against cyber scams to avoid having a hacker holiday. Protect yourself by always verifying the sender of email addresses, never clicking on suspicious or insecure links, and being wary of urgency or too-good-to-be-true offers. Business owners can also prevent increased vulnerability this time of year by making sure you have and enforce a policy of keeping business activities to business devices and personal activities to personal devices. If you aren’t sure you’re well protected as a business, start with our free self-assessment. We can help you identify and achieve a strong security posture.