How to avoid festive phishing

festive-phishingThe holiday shopping season has begun and consumers are on the hunt for the best bargains. During Black Friday and Cyber Monday, companies have the greatest potential for increased holiday sales. Cyber criminals are aware of this and are also on the hunt. They seek out vulnerable consumers and businesses to attack that will get them the largest pay out.

The Anti-Phishing Working Group (APWG) observed a 250% surge in phishing attacks between October 2015 and March 2016 – the highest it has been since they first started tracking phishing attacks.

“We always see a surge in phishing during the holiday season, but the number of phishing sites kept going up from December into the spring of 2016,” said Greg Aaron, APWG Senior Research Fellow and Vice-President of iThreat Cyber Group, in a press release.

According to their report, the retail/service sector was the most targeted industry.

So, while millions of customers line up outside stores anticipating to get discounted items, hackers are also coming out in numbers.

What consumers should know to protect themselves

When visiting a store, it’s best to use cash. If you use a credit or debit card, make sure you check your accounts afterward to ensure there haven’t been any unauthorized transactions.

Some things to look out for when shopping online:

  • Watch out for discount and coupon scams known as clickbaiting
  • Hackers utilize malicious hashtags that link to fake sites to grab your personal data
  • Do not use mobile devices to make purchases on public Wi-Fi networks

What companies should know to stay protected:

In 2015, the number one threat concern for businesses was spear phishing and phishing, according to the 2015 Cyberthreat Defense Report from CyberEdge Group.

Tactics that organizations and their employees can follow this busy holiday season include:

  • Inform employees on how to spot phishing emails
  • Keep an eye on social media postings that may use your company’s hashtags or images
  • Communicate with customers to verify that discounts are valid promotions

Knowing how to stay safe against cyber threats this holiday season and in the future is vital to any company’s growth. Cybersecurity begins with educating your staff. Start training your workforce today with IT Governance’s e-learning Phishing Staff Awareness Course.

You can also test whether your employees are vulnerable to email attacks with a Simulated Phishing Attack. The results will enable you to take immediate actions to improve your cybersecurity and reduce the chances of a security breach.

Stay protected this festive season. Test your employees with a Simulated Phishing Attack >>