The season of celebrating and giving is upon us once again! Although this year’s holiday shopping season is sure to be more vibrant than 2020, the arrival of the new COVID-19 variant is prompting 60% of us to exclusively transact online. This is also true for those of us who are looking to donate money or supplies to help someone in need this season. Covid continues to assist our digital transformation, much to the delight of a certain demographic—cybercriminals!
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have documented a major uptick in highly impactful ransomware attacks during the holidays—when excitement is high and defenses are low. Hackers exploit human vulnerabilities and use social engineering to entice their targets to click on malicious links or provide sensitive information. Some of their brilliant strategies include:
- Fake websites and social media pages – Scammers use spoofed e-commerce websites and social media pages offering deals that are too good to pass up.
- Package delivery scams – Using delivery notifications from legitimate-looking sources, hackers send a fake tracking link containing malware or take you to a site to get personal information.
- Bogus vouchers – Targets are offered a fake discount or gift coupon for an online shop. To redeem the vouchers, they need to click on a link and fill out sensitive information.
- Charity scams – Victims are asked to donate money to a certain charity in the spirit of Christmas. Those who fall for this scam end up “donating” their credit card details and personal information to cybercriminals.
Hackers continue to use these techniques year after year and have only grown more profitable at pulling them off. The $70-million Kaseya hack that locked clients from at least 17 countries out of their systems took place over the July 4th weekend. The $11-million JBS S.A. hack that closed off a quarter of American beef operations for two days occurred on the eve of the Memorial Day weekend. Colonial Pipeline, the top provider of East Coast’s fuel supply, paid $4.4 million in ransom after being forced to shut down its operations during Mother’s Day weekend. Finally, last year’s massive SolarWinds hack came right before Christmas.
It’s worth taking a few moments to remind everyone within your organization of the following precautions to protect your personal data, property, and peace of mind this season.
What YOU Can Do
- Look for “s” (secure) in “https” and the lock icon at the beginning of a site’s address to verify its security.
- Establish strong and unique passwords for each online account.
- Stay alert for phishing emails and deals that look “too good to be true.”
- Don’t log into banking sites or payment sites like Paypal on a public network. Better yet, stay away from public Wi-Fi!
- Shop at well-known retailers that you trust and where you have previously done business.
- Use one credit card for all your holiday shopping, limiting damage if your information is stolen.
- Monitor your bank and credit card accounts during and after the holiday season.
- Make sure your purchases are secured with encryption.
- Do not give out more information than necessary. The only information you need to make an online purchase is your name, address, phone number, and email.
- Keep your devices up to date with current and active anti-virus software.
How TNS Can Help
This holiday season is supposed to be the most wonderful time of the year, so take it easy. Let the security experts at TNS protect your business and perform continuous monitoring while you recharge your energy for another year of hard work. Our award-winning managed security offerings include:
MFA for Email and VPN
Even if hackers could have gotten one of your team members’ passwords, they would need to steal their physical device to gain access to your corporate network. That’s the brilliance of Multi-Factor Authentication or MFA.
Advanced Endpoint Protection
Having 50 employees working in separate locations means you need to consider each location an extension of your business. TNS’ Advanced Endpoint Protection is designed to proactively stop specific types of threats, covering multiple stages of cyberattacks.
Security Awareness Training
Raising awareness is the baseline layer of managed security. TNS can help your team understand proper cyber hygiene, anticipate potential threats they may encounter via email and the web, and realize the security risks associated with their actions.
Mobile Device Management (MDM)
Our MDM solution can proactively secure mobile devices by specifying password policies, regulating access to certain applications and websites, enforcing encryption settings, selectively wiping corporate data, and streamlining the device setup. No matter the device or the team member’s location, MDM software allows us to secure corporate data and personal data.
Implementing a layered approach to security allows for extra protection for your company data not only during the holiday season but year-round. It’s your Managed Service Provider’s job to know which solutions work for you and why. Contact your Account Manager directly to learn more. If you are currently not a TNS partner, complete our contact form and select Managed IT Services as your service of choice or contact us at 203-316-0112 or 212-967-5757. Visit our Facebook and LinkedIn pages to get a copy of the Top 10 Holiday Cybersecurity Tips infographic for your office.