The holiday season is a time for celebration. Unethical hackers and thieves also see it as a time for celebration for a different reason. Protect Your Business
We are all excited that November is here, and the holiday season is upon us. The Wednesday before Thanksgiving is filled with festivities at many companies. Many businesses are closed or operate with a skeleton staff on Black Friday.
Cyber Monday is a big shopping day on the internet, often from work!
Then we head into December and get ready for Christmas and the New Year. A lot of people use their vacation time during the month of December. There are lots of office parties and events. The day before and after the holidays usually mean a lighter staff than normal and people are a little more relaxed than normal.
There are lots of sales online and offline that everyone takes advantage of.
Lots of fun, food, laughing and good times, and sales.
There’s another group of people who are excited about the holidays, but not for the same reasons.
The unethical hackers and thieves are ready for the holiday season because this is when we tend to let our guard down.
Some of the largest compromises and breaches occur immediately before or after a holiday, or on the weekend.
Phishing attack success rates go up because the attackers use sales and other holiday-themed emails and text messages to bait victims.
A report released by Infoblox in 2019 showed that 31% of retail IT professionals saw an increase in cyberattacks during the holiday season. This often presented itself as phishing websites.
15% reported an increase in social media scams and 11% reported an increase in ransomware incidents.
Healthcare Practices are increasingly targeted right around the holiday as well. Several larger HIPAA breaches were reported immediately before or after a major US holiday.
What Methods Do Attackers Use to Compromise Companies During the Holiday Season?
Here is a list of some of the more common methods for attacking businesses during the holiday season. The success rates increase because of a relaxed and often thinly staffed office environment.
- Infected Websites – Websites are compromised, and malware is installed. Unsuspecting internet browsers visit these websites and inadvertently install the malware on their computers.
- Social Engineering – You’re more likely to hold the door for an overloaded delivery person during the holiday season. It’s human nature and seems plausible that a delivery person would have more packages to deliver during the holidays.
- Phishing Campaigns – Similar to Social Engineering people are more accepting of promotional emails, credit card alert emails, and other holiday-themed emails. Remember, phishing can occur over SMS (Smishing) and a regular phone call (Vishing).
- Ransomware Attacks – With increased phishing attacks the chances of a ransomware attack also increases. Remember, 90% of all ransomware attacks begin with a phishing attack.
- Unlocked Computers – Employees are getting up to grab a few cookies or some lunch that the company paid for. They only expect to be gone for a few minutes, so they leave their computer unlocked. Remember that delivery person you let in earlier?
11 Ways Your Company Can Prevent Being Hacked During the Holidays
We put together a list of things your business can do to decrease your risk of being breached during the holiday season.
It’s important to understand that there is no foolproof method of preventing being breached. You can significantly decrease the likelihood of becoming a victim with these steps.
Cyber Security Awareness Month just wrapped up so hopefully, you took advantage of all the freely available materials to train your employees.
- Educate yourself and employees. Education is the best method to prevent compromises. If your employees know and expect phishing emails, social engineering attacks and infected websites they will remain diligent during the holiday season.Teach employees how to recognize phishing emails and how they may be presented. Make sure they know and understand how to report incidents (even if it might seem minor).And test them!
- Perform a vulnerability scan – find out where you might need to fix issues before someone else does.
- Document and remind employees of policies regarding allowing people into the office and what to do if a non-employee tries to enter.
- Consider blocking social media, personal email sites (Gmail, Yahoo, etc..), and shopping sites.
- Make sure staffing levels are appropriate to meet the demands of the workload.
- Don’t click on unsolicited links. If you must confirm something manually type the website address into your browser window.
- Do not connect to guest/public Wi-Fi. Use a hotspot provided by your cell phone carrier. Most cell phone carriers now allow you to use your smartphone as a hotspot.
- Don’t overshare on Social Media. Do not click on suspicious-looking links on Social Media.
- Ensure all devices have security, preferably biometric. Lock laptops, smartphones, and tablets whenever they are not in use.
- If you don’t have a business continuity plan get one. If you do test it.
- Ensure your Operating Systems (Windows, Apple, Linux, Android), Software (Adobe, Microsoft, Browsers) and Network equipment are updated/patched.
Happy Holidays Hopefully!
We don’t enjoy being the Negative Nelly of the holidays, but we also don’t want to see our small business friends fall victim to cybercrimes that are preventable. We hope that you can enjoy this festive time of the year while maintaining your business’ data security and reputation.
Of course, let us know if we can assist in any way!
Had no clue about this will try to be more alert and notice it more ! I usually open my sites from anywhere never thinking about the hacking point of it !
Thanks for this helpful information. I had ransomware on my computer a few years ago and they wanted over $1000 to release my files. Unfortunately I ended up losing about 4 years worth of work.
This is all good advice – even though it’s not something we want to think about. Thanks for informing!
It’s unfortunate that we need to stay on top of these things, especially at such busy times of the year. But thanks for a great article that lines out the threats as well as productive ways to counter them. I spent some time over the summer researching and implementing security on my site. After revisiting those things and reading this article, hopefully I’m set!
This is a very important message. I nearly fell for a scammmer trap once and now I am very cautious.
Thanks for the warning!
Definitely good reminders as we start entering the holiday season. We always get more and more phishing emails on our work accounts around this time!
Yikes, I always worry about hackers and always try to remain safe online. I will never click on links I don’t know.
It’s really sad that some people use the festive time of year as an opportunity to take part in this kind of dodgy behaviour 🙁
Ugh why do bad people have to ruin EVERYTHING!? Thanks so much for sharing this with us!
Wow, I had no idea there was an increase during the holidays but it makes so much sense now. People take advantage of others with their guards down. Definitely important to be aware of this.
What a great warning and reminder! Keep your companies safe everyone!
As you said, 90% of the attacks start with a phishing email. It’s important for people to be vigilant and don’t click on any unknown links.
Thanks for sharing this message. That is so important to know. I’ve got to check my own website and secure it.
Hacking terrifies me because I have been a victim of it more than a few times!!! Great tips on how to avoid it!!
I did not think about this at all! Wow. This is definitely important information to keep in mind during the holidays. Very informative and detailed. Thank you for sharing the info, I will forward this to my friends.
This makes total sense, we definitely need to be more careful when shopping online, opening emails etc.
XO, MJ
https://www.lush-fab-glam.com
Thanks for sharing! I’ve been working on making my site more secure and these tips are so helpful!
Thank you so much for the gentle reminder. Hackers are everywhere these days and they take advantage of the holiday season to perpetuate evil. It’s super important to stay ahead of the game.
It is so true it companies have to the extra careful this time of year. Honestly all of us do.
Hackers seem to get smarter every year. You think they would find something else to do.
These are very useful tips for this holiday season. Sadly I’ve never really thought about this before so thank you for bringing it to my attention.
I will be aware of this kind of thing. I want to be safe even online
Never never click on suspicious links as I’ve had a very bad personal security breach done to me last month. Try and be safe. Definitely follow steps listed here.