Phishing attacks: it’s a topic we hear about year-round thanks to its effectiveness in tricking unsuspecting employees into clicking on a malicious link, opening a suspicious document, or sending payment to the wrong vendor. During the holiday’s cybercriminals are especially active – and even more so this year.
Black Friday and Cyber Monday have always been huge events. However, now that many are avoiding stores for safety, online shopping is seeing an even more considerable increase. According to Convey’s 4th Annual Holiday Survey, 8 in 10 respondents will do most of their holiday shopping online – and nearly 1 in 3 will do all of it online. This year, every day is Cyber Monday.
Additionally, many remote staff members are using their own devices for work purposes and utilizing personal email accounts and unsecured networks. And with the second wave of COVID-19 cases ever-increasing, people are incredibly stressed (and rightfully so). With stress comes distraction and a greater likelihood that employees will not be diligent when responding to and reviewing messages. All of these factors are likely to lead to more cybercrime than ever before.
Let’s take a look at the most common scams we’ll see in the next few weeks.
The “Too Good to Be True Deal”
If an advertisement offers merchandise at unrealistic discounts, chances are it’s far from legitimate. Scammers will often use these attention-grabbing messages to get users to fraudulent websites to steal everything from personal information to credit card details. For the staff who happen to use their corporate email for personal purposes or vice versa, this threat could affect the individual and the entire organization.
Scams like this often come in the form of an email seemingly from a superior or someone with financial authority in the organization, asking the victim to purchase gift cards for a work-related function or holiday occasion. Instead, these cards will be used at the scammer’s discretion to buy goods for themselves.
For this reason, it is imperative to verify that the person you are conversing with is who they say they are – mainly where corporate funds are concerned.
Ever since the proliferation of COVID-19, fraudulent charity schemes have been in circulation. Now in the most charitable time of the year, it can be assumed these will only rise. Though these campaigns are often done through email campaigns, fake social media and websites are commonly used.
When considering making a charitable donation, whether personally or for business, always ensure that the organization is legitimate.
Chances are, most Americans are expecting packages in the next few weeks. With COVID procedures slowing down shipping times, many are turning to the tracking information they’ve received via email. Seems harmless, right? Of course, scammers have hijacked this too. Cybercriminals understand the constant need to see when a package has arrived. Taking advantage of this, they will send emails with links that supposedly lead to shipping information that instead send users to a malicious website that looks legitimate.
Overcoming the Barrage
Sometimes it seems that phishing scams are impossible to avoid. While no solution is 100%, there are a few ways businesses can protect their employees and corporate data. Email security and employee awareness training are key components to a stratey that will do just that. Email security is a great first step to avoiding the vast majority of spam and phishing attacks, while training will help staff members catch the few that do slip through. No one solution is fool-proof but working in tandem, team members are bound to be that much more protected.