‘Tis the season. Cookies baking. Candles lit. Festive gatherings every other night. And, lots and lots of shopping! As we shop, we offer up our credit card information, logins and all sorts of personally identifiable details about ourselves. And, your customers are doing the same when they work or shop with you. So, it’s critical that you’re protecting yourself as you go about your holiday festivities – and that you’re diligent in the workplace too.
Remind your team about common holiday scams.
Cybercriminals take advantage of how busy and distracted people can be this time of year, meaning scams abound. Take a moment to spread the word about these common holiday concerns so that your network and your teammates stay safe this holiday season:
- Spoofing charities (or banks). Criminals may create a website, send emails or even post on social media requesting charitable donations. These may look like charities with which you’re already familiar, but if you want to donate, go directly to the source instead of clicking on the links provided. (They pull the same scam with bank accounts and bills too!)
- False shipping notifications. It’s easy for a criminal to send you an email that looks like it’s from a big-name shipping company and which contains a link to “view shipping details.” Most of us are curious by nature and will click the link to find out what’s on its way. Clicking the link is the first step in giving a criminal access to your machine.
- Extra invoices. Whether these arrive by email or the old fashioned way, criminals know that there is more buying activity at this time of year and try to sneak in extra charges undiscovered – often making it look like their invoice is from a large, well-known company. If you have doubts about the purchase, look into it before automatically paying the bill.
- Faux customer feedback surveys. If you click on a feedback survey and it asks for any type of personal detail, close out of it. Don’t give out your personal information to an unknown source – even if they promise deep discounts or free items.
- Screen savers and holiday apps. As fun as it is to have a Frosty the Snowman background or holiday countdown running, keep in mind that many of these are distributed by unknown technology companies. Take a few minutes to read up on the distributor before downloading these fun and festive treats.
As fun as it is to have a Frosty the Snowman background or holiday countdown running, keep in mind that many of these are distributed by unknown technology companies.
Share extra cybersecurity tips with remote workers.
- Change passwords on new devices. Many homes will be excited by new technology toys and smart devices this time of year. It’s important that, as people set these up on their home networks, they realize the importance of changing the default passwords. Make sure that these new items don’t become an access point to your sensitive company data as they come online.
- Use safe, known Wi-Fi connections. The holidays also mean travel and visiting. Remote team members may be working from places other than their home offices at this time of year. Be sure they take the proper precautions when getting online: never use an unsecured Wi-Fi connection!
Be hyper-vigilent with customer data.
- Guard your passwords. Keep in mind that, if a criminal can gain access to your accounts, they gain access to all of the databases and systems where your customer data is stored. So, be sure to keep your passwords unique and secure.
- Be careful with email. We want everyone to have a holly jolly season, so it may be tempting to try to get a task done quickly by forwarding along information, like credit cards or logins, to customers through email. Instead, use a ticketing system that offers fully-encrypted communication to capture and track communication requests with customers.
Talk about risks even more often and tackle each of these tips routinely so that your organization will stay safe online.
Do a tech check.
- Ensure patches are applied. If you’ve been putting off updates, make sure to spend time deploying them now. Don’t leave your network exposed to vulnerabilities simply because software is out-of-date.
- Check up on payment processing partners. If your business relies on accepting electronic payments, double check that your vendor remains up-to-date with all appropriate security protocols and PCI compliance efforts. Do your due diligence.
- Review access controls. This is a good time of year to take a look at who has access to sensitive data and make adjustments as needed. From people simply moving too quickly because of extra holiday stress, to having seasonal workers around, it’s easy for data to be mishandled if it’s too accessible at this time of year.
- Test notification and alarm systems. Don’t rely on the fact that you’ve installed the latest and greatest cybersecurity software or rolled out new keycards to people to keep safe. Double check that everything is in working order so that there are no mishaps in the event of an actual attack.
As the holidays approach, people start to get frantically busy. This makes it easy to become distracted and complacent with security tasks. But, understand that this is a key time of year for cybercriminal activity, so it’s important that you do just the opposite. Talk about risks even more often and tackle each of these tips routinely so that your organization will stay safe online.
Need some easy reminders? Share these videos with your colleagues and friends to help everyone stay safe online this season.