With Halloween deceased for another year, cybercriminals worldwide are removing their terrifying masks after haunting millions of computers worldwide and donning their red hats in preparation for the run up to Christmas. Christmas of course is the season for businesses and consumers to spend more time online, shopping for gifts for the family, scouting for seasonal travel deals and planning family visits and get-togethers. However internet users are asked to stay vigilant at this time of year as cybercriminals run rampant like kids in a candy store.
Online Christmas shopping at work – Increases security risks
With an explosion of workers using valuable company hours to do their Christmas shopping online, a survey by the Information Systems Audit and Control Association into workers’ internet seasonal shopping habits suggests employees who use computers at work for seasonal social networking and to shop online for Christmas presents are putting their employers at an increased risk of web security infiltration from decorated viral internet threats such as malware, spam and phishing attacks.
One of the causes of the increased risk stems from more employees using company mobile devices such as notebooks, smart phones or tablets on wireless networks outside the implemented web security and spam filtering protocols of the corporate network. Mark Lobel, a mobile security project leader with ISACA and adviser at PricewaterhouseCoopers, said: "The number of portable computers and mobile devices in the workplace is only going to increase, so companies need to create a realistic security policy that lets employees stay mobile without compromising intellectual property." Christmas shopping online at work has become so popular in workplaces around the country, that big companies are beginning to lower the boom on employees caught wasting time and adding to productivity inefficiencies. Web security filters and internet monitoring software are now being utilised by businesses to stamp out the use of social media and unrelated web browsing at work.
Seasonal Scams & Security Threats
In addition to the threats related to online shopping other ‘seasonal scams’ that can be prevalent need to be monitored including:
Holiday Phishing Scams – Phishing is the act of tricking consumers into revealing information or performing actions they wouldn’t normally do online using phony email or social media posts. Cyberscammers know that most people are busy around the holidays so they tailor their emails and social messages with holiday themes in the hopes of tricking recipients into revealing personal information.
“It” Gift Scams – Every year there are hot holiday gifts, such as toys and gadgets that sell out early in the season. Examples this year include the new iPhone 5 which will be difficult to track down this side of Christmas. When a gift is hot, not only do sellers mark up the price, but scammers will also start advertising these gifts on rogue websites and social networks, even if they don’t have them. So, consumers could end up paying for an item and giving away credit card details only to receive nothing in return. Once the scammers have the personal financial details, there is little recourse.
Fake Facebook Promotions and Contests – Who doesn’t want to win some free prizes or get a great deal around the holidays? Unfortunately, cyberscammers know that these are attractive lures and they have sprinkled Facebook with phony promotions and competitions aimed at gathering personal information. These could include filling out multiple surveys of personal information to be entered into draws and competitions or granting apps access on Facebook in order to view deals or further promotions.
How to Stay Safe in the Run up to Christmas
The most important thing to remember is that you need to stay vigilant and one step ahead of this season’s cyber-scrooges, and make sure you have appropriate web security procedures in place, otherwise, you could risk giving the cybercriminals the biggest gift of all – your own personal and financial information. Some tips to help you stay safe on the run up to christmas this year include:
- Do not click on an email or web link from an unfamiliar sender or looks "too good to be true".
- Be careful with company information that can be accessed through your mobile device (it suggests using a privacy screen shield).
- Password-protect your mobile device and its memory card.
- Make sure the security tools and processes protecting your work-supplied mobile devices are kept up to date.
- Be extra vigilant when reviewing and responding to emails.