This holiday season, it is very likely that cybercriminals will target your business by engaging with your employees under the appearance of an important message from an online retailer. Clicking on the links within these messages will prompt an attempt to download malicious software that will give the attacker remote access to your corporate network via a compromised computer.
They may also try to coerce employees into providing their personal passwords to legitimate sites such as Amazon, Walmart, etc. However, their ulterior motive may be to find instances where people are sharing their corporate password with a personal account.
Despite repeated warnings, we find that many employees share passwords across personal and work platforms. This can put your company at great risk – especially if an employee falls for a personal phishing attack and is reusing that password on one of your corporate systems (like a VPN). Unfortunately, cybercrime is an extremely lucrative and multifaceted business. Collectively, victims of cybercrime lost approximately $172 billion dollars in 2017 (globally).
With the holiday season upon us, it’s more important than ever to encourage employees to be vigilant and on the lookout for holiday phishing scams. Not only personally – but also understanding the potential impact of clicking on a link within their personal email at work. In our experience, this is a possible vulnerability that many companies don’t typically consider.
The 5 steps
Below are five steps everyone can take to better protect themselves (and the company) this holiday season:
- Be especially wary of order and delivery confirmations. Instead of clicking on the links within these emails, go to the website manually to get the update.
- Don’t reuse passwords. Anywhere. Ever. If one website (or password) is compromised for some reason, you don’t want to be a position of having everything compromised.
- Turn on multifactor authentication wherever possible. Even if a criminal can get your password, you can protect yourself by requiring an additional form of authentication to your account.
- Use a credit card instead of a debit card when shopping online. It is easier to deal with fraudulent purchases when you use a credit card.
- Monitor bank accounts and your credit cards at least three times a week. If you are shopping online, you should be checking your accounts at the end of each day. You can also set up text alerts for any purchases for $1 – to ensure you’re aware of every purchase being made.
UP NEXT: Protect your business with this Free Cybersecurity Awareness Training video.