As the holiday season approaches, a gigantic spike in online shopping comes, which increases financial and email activity, enticing cybercriminals into stealing personal data. For a business, it is essential to put in place extra seasonal cybersecurity measures or risk a catastrophic incident during the Christmas period.
Popular cybersecurity threats around the Christmas holidays
Three cybersecurity threats are prevalent during the Christmas holidays, including:
- Social engineering attack
Social engineering attacks prey on human (social) behaviours. Cybercriminals convince employees that they are a genuine and authorised person who they should share access data over the phone or on a digital communication platform. The password reset process is particularly vulnerable to social engineering attacks.
Social engineering attack example:
- A cybercriminal contacts an employee, pretending to be the CEO of their company. They tell the employee that they are out of town and need access details or need the employee to transfer funds to them.
- Phishing attack
Phishing attacks are the most popular cybersecurity attack and occur all year round. The cybercriminal creates an authentic-looking email in an attempt to steal sensitive information.
Phishing methods have become highly sophisticated and almost impossible to distinguish between genuine communications. They may use the official website headers or branded letterheads to persuade recipients of their legitimacy.
Phishing attack example:
- A branded email is sent to employees asking them to confirm their email, address, bank numbers, credit card details or password.
- Identity theft
With identity theft, cybercriminals steal personal information and use it for financial gain.
Identity theft example:
- The cybercriminals target the company’s database and steal the information of its customers. The personal data is then sold on the Dark Web or used by the cybercriminal for financial purposes.
Tips to securely prepare your organisation against cyber-attacks during the holidays
Four steps that will shore up your cyber defences during the holidays include:
- Check for firewall updates (patches) and install them to ensure all data is encrypted.
- Provide cybersecurity awareness training for your employees.
- Diversify your systems to avoid a single point of failure.
- Run penetration testing to identify network vulnerabilities.
Cybercriminals never take a day off, so it is important to be vigilant 365 days a year. They will take advantage of your company when they think it is vulnerable, so being aware of the threats and implementing the tips mentioned above can help you reduce the risk of experiencing a cyber-attack.
Contact us to learn more about the cybersecurity options available to you around the Christmas season.