The holiday season is no time to slack on cybersecurity. Cybercriminals could be targeting your employees right now under the appearance of an important message from an online retailer. A simple click on a link within one of these messages will prompt an attempt to download malicious software, giving the attacker remote access to your corporate network via a compromised computer.
Cybercriminals may also try to coerce employees into providing their personal passwords to legitimate sites such as Amazon, Walmart, etc. However, their ulterior motive may be to find instances where people are sharing their corporate password with a personal account.
Despite repeated warnings, we find that many employees share passwords across personal and work platforms. This can put your company at great risk – especially if an employee falls for a personal phishing attack and is reusing that password on one of your corporate systems like a VPN. Unfortunately, cybercrime is an extremely lucrative and multifaceted business. Collectively, victims of cybercrime lose billions of dollars globally each year.
With the holiday season upon us, it’s more important than ever to encourage employees to be vigilant and on the lookout for holiday phishing scams. Not only personally – but also understanding the potential impact of clicking on a link within their personal email at work. In our experience, this is a possible vulnerability that many companies don’t typically consider.
Here are five steps everyone can take to better protect themselves and their organization this holiday season:
- Be especially wary of order and delivery confirmations. Instead of clicking on the links within these emails, go to the website manually to get the update.
- Don’t reuse passwords. Anywhere. Ever. If one website (or password) is compromised for some reason, you don’t want to be in a position of having everything compromised.
- Turn on multifactor authentication wherever possible. Even if a criminal can get your password, you can protect yourself by requiring an additional form of authentication to your account.
- Use a credit card instead of a debit card when shopping online. It is easier to deal with fraudulent purchases when you use a credit card.
- Monitor bank accounts and your credit cards at least three times a week. If you are shopping online, you should be checking your accounts at the end of each day. Many banks also allow you to set up text alerts for online purchases.