As the holiday season is upon us, businesses must remain vigilant against the increased threat of cybersecurity hacks and scams. Cybercriminals often exploit the festive atmosphere and increased online activity to target unsuspecting companies and their employees. Organizations like the Boston Police Department's Regional Intelligence Center are on the lookout for these scams, and we have set out below some of the most prevalent holiday cyber attacks and provide practical advice for safeguarding your business and your employees.
- Online Shopping Scams: The Better Business Bureau warns shoppers against
an increase in fake websites and personal sellers offering
discounts this holiday season. Fake ads posted on social media may
show expensive products in high demand, often at unbelievably low
prices, to lure in potential victims. Scammers create bogus sites
to obtain personally identifiable information and credit card
numbers. Fraudsters may also send phishing texts or emails
informing customers that a delivery was not completed and to follow
a link or call a phone number. To protect your company, make sure
employees:
- Verify the legitimacy of online retailers before making corporate purchases
- Implement strict approval processes for any significant corporate purchases or payments
- Use secure payment methods and verify wire transfers to new or unfamiliar entities
- Phishing with a Holiday Twist: During the
holidays, phishing attacks become more sophisticated and harder to
detect. Attackers often pose as company leaders or known vendors,
offering holiday bonuses or special deals. To combat this:
- Refresh your cyber security training and alerts for employees
- Implement email authentication protocols
- Establish protocols for verifying unusual requests, especially those involving financial transactions
- Digital Holiday Cards: These can be a vector for malware distribution, so only use reputable e-card services for corporate communications and educate employees about the dangers of opening e-cards from unknown sources
- Puppy Scams: Adding a new pet is a common occurrence during the holiday season. The internet has become the go-to place to find those furry friends, but according to the BBB, 80% of sponsored pet advertisements online may be fake.
- Train Employees to Recognize AI-Generated Content and
Communications: If you or your company are a victim,
contact:
- Your local law enforcement officials
- Federal Trade Commission (FTC) at https://reportfraud.ftc.gov/
- FBI Internet Crime Complaint Center (IC3) at https://www.ic3.gov/
- If the scammers obtained your Social Security number, go to IdentityTheft.gov (https://www.identitytheft.gov/) to see the steps to take to protect yourself.
We all know the holiday season brings joy, but it can also bring increased cyber risks for businesses. By staying informed about the latest scams and implementing robust training and security measures, companies can protect themselves and their customers from cyber threats. Make a security list, and check it twice to ensure a safe and prosperous holiday season for your business.
Originally published 27 November 2024
To view Foley Hoag's Security, Privacy and The Law Blog please click here
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.