The tips we’re about to share should be top of mind every day not just during the holiday season.
Let’s begin with any interesting discovery by Kaspersky Labs.
In 2017, Kaspersky Labs released their Black Friday report and one of their findings is that consumers who use their mobile devices are a driving factor of an increase in phishing attempts. This is because mobile users are distracted when they are engaging in other activities while out and about. They are more apt to click on a suspicious link because they aren’t focused on that they’re doing. [Source: Kaspersky Labs]. This means that we need to treat and protect our mobile devices like any other computer. So, without further ado, let’s get to the tips.
Tips for Businesses:
- Educate employees on how to spot phishing attacks. One click of a bad link is all that’s needed to compromise your business and your customers. Awareness training is important.
- Ensure that if you are accepting payments yourself, and not using a platform like PayPal, Square, Apple Pay, etc, that the payment portal is secure; the same goes for any form submission or login of your website. This means making sure that you have SSL or TLS(preferred) certificates in place to encrypt client and server web traffic.
- Monitor your financial statements and cash flow. The majority of threats come from within an organization.
- For employees that need to use computing resources, limit their access. Operate on the practice of Least Privilege by only assigning staff the least amount of access to resources that still allow them to carry out their daily duties.
- Lock sensitive documents up if you need access to them. Shred these documents if no longer needed.
- Given the timing of this post, your mileage may vary logistically.
- Invest in security cameras and an alarm system to protect your physical inventory.
- Purchase a cyber liability insurance policy to have some recourse if your company is compromised.
Tips for consumers:
- Avoid public WiFi when out shopping. If you must connect, use a Virtual Private Network (VPN) to add a layer of protection.
- When making online purchases, make sure the site is secure. You’ll see a padlock typically to the left of the URL and the URL itself will begin with HTTPS
- Beware of fake, too good to be true, ads on social media. Tell tale signs are the use of shortened links, websites names that look similar to a real company, super low prices, and language to compel you to buy (“One day sale,” “limited supply”).
- Be aware of online surveys that you may take. Malicious ones will start asking for personally identifiable information(PII) like credit card information.
- “Undelivered package” notifications from people posing as UPS, FedEx and USPS. These phishing emails will contain either a link or an attachment that can load malware on your device. Contact the organization, such as FedEx, directly and not through the email in order to verify if the message is legit.
- Make sure you have anti-virus on your devices.
- When you’re out and about shopping and need to grab cash from an ATM or get gas at at the gas station, check for skimming/shimming devices. We wrote about these here, so check it out before you brave the crowds.
We hope these tips help. If you stumble across something that you’re not sure about during you shopping adventures, you’re welcome to drop us a line below