While this might be the most wonderful time of the year, there are just too many Grinches on the Internet looking to make ruin your Yuletide cheer. Don’t let them. Forewarned is forearmed, and we’re putting together a list to keep you and your company’s network safe this holiday season. Here are 13 threats to look out for:
It’s already coming in waves and you need to make sure your filters are updated and that you are keeping a watchful eye on the quarantine drive. If it has ever been close to running out of space, this is the month it might just completely fill up!
- Phishing attacks
Million of people shop online and phishing attackers love to send delivery confirmations, price change alerts, refused credit card notifications and the ever popular “thank you for your order” type emails, hoping that folks will click first and ask questions later. A ton of these will get through no matter what, so make sure your users are warned and prepared.
- Concentrated penetration attempts
There is usually a visible spike in hacking attempts on the festive days. Staffing levels are low, some companies almost completely shut down, and the skeleton crew keeping watch is probably both inexperienced and overworked. It’s a perfect time to switch from “low and slow” to “brute-force” to break into systems, so make sure everything is fully patched and no weak passwords are in place before you start to enjoy some cheer.
- Social engineering attempts
It’s a time when charity activity peaks. It’s also a time when scam artists try to fool people into donating to their ‘special cause’. Don’t fall for charity scam. Remind your users to verify before donating.
- Credit card numbers over cleartext
Every retailer on the Internet wants to accept credit cards, and many of these small shops may have the perfect gift, but if they don’t use HTTPS on their payment page, shop elsewhere.
- E-tailers lacking security
Even with an HTTPS cert protecting their checkout page, how’s the security on their website? Are they storing credit card numbers in an unencrypted database? Are you? Never use your debit card online. Only shop with a credit card that offers you protection against bogus charges, just in case.
- Malicious QR codes
Malicious QR codes are on the rise, with attackers placing stickers on store fronts and signage that look legit, until you use your mobile to visit them and find at best, spam, and at worst, malware. Look closely to make sure that QR is really from the retailer before you click.
- BYOD flood
The week after the holidays, you are going to be flooded by requests to help set up all those new tablets and smart phones, and “how do I get company email on these?” Be ready, have a good BYOD policy in place, and make sure your users know what you can and cannot do. Also, don’t forget to implement an automatic patch management and vulnerability scanning system in place to protect against any network breaches which can damage your security compliance and kick start your new year with lawsuits and/or hefty fines.
- TMI on social networks
Teach your users the importance of being careful just how much detail they put out on social networks about new gifts, or any travel plans. Statuses such as “Feeling lonely at the office while the others are celebrating their day off”, can result in burglary or worse.
- Holiday-themed Trojans
Elf Bowling was a classic, but malware hiding in festive e-cards and holiday lights screensavers are still commonly used to deliver malware. Make sure your antivirus software is up-to-date and that users know most of these are dangerous.
Fake credit/debit card readers are popping up in ATM machines and major retailers everywhere. Look closely before you swipe your card and if anything seems out of place, ask the clerk to run your card behind the counter, or go inside the bank and ask the teller to have someone check out the ATM.
- New devices without protection
There will be lots of new computers online, and many will start to connect to your webmail. Send out an email to your users with a list of free and low cost antivirus solutions, and stress the importance of getting those on the new PCs as soon as possible.
- Holiday decorations
Be sure that users don’t overload circuits with party lights. A tripped circuit breaker will not only dampen spirits but could cause data loss. Being festive in the office is great, but hanging decorations from the fire sprinklers could lead to a very soggy cleanup, so keep them on the walls and cubicles and avoid anything hanging from the ceiling.
With these points covered, then you can truly enjoy the festivities!