Hacking2

Tales of woe and tips to prevent being victimized

Statistics show that each year hacking ramps up during the fourth quarter. Cybercriminals follow the money as individuals and businesses alike spend more money both in traditional box stores and online. This uptick in financial activity lures bad actors to the internet like moths to a flame. Now is the time for everyone to practice hypervigilance when it comes to security. Here are a few stories about recent hacks as well as ways to protect yourself and your business as the year wraps up.

Why Now?

More financial transactions occur during the holidays (Hanukkah, Christmas, and New Year’s) than during any time of the year. According to a recent piece by eMarketer, “total U.S. retail sales will climb 3.8 percent this year to $1.008 trillion.” That makes this the “first-ever trillion-dollar holiday season.” Additionally, U.S. retail e-commerce spending is expected to rise 13.2 percent to $135.35 billion, according to the same article.

The National Federation of Independent Business reports that one-third of U.S. small businesses testify that the fourth quarter is their most profitable. That means both individuals and organizations alike are spending more of their budget as the year comes to an end. Individuals and businesses are not alone in their fourth-quarter spending habits. According to governmentcontract.com, nearly one-third of federal dollars spent annually are awarded during the fourth quarter. Based on the organization’s research, it’s evident that Uncle Sam loves the holiday spending season just like every other American.

But as spending ramps up among shoppers, retailers, financial institutions, and other organizations, as well as individuals, are at a greater risk of being hacked. Cybercriminals follow the money and there’s plenty being spent this time of year. From retailers and hotels to airlines and financial institutions, businesses are hit even harder during the holiday season as it coincides with the last quarter of the year.

Hacking the Holidays

Major retailer Macy’s experienced a massive breach on Oct. 7, 2019, just weeks before Americans were expected to spend billions during Black Friday. According to TechRepublic, the company did not realize its systems had been hacked until Oct. 15, leaving thousands of its customers vulnerable as the holiday shopping season kicked off. Macy’s had to notify thousands of customers that their credit card information was swiped by hackers.

Scammers also strike out at businesses more during the fourth quarter. According to an online article by Fox Business, this is due to the increase in emails during the holidays and tax preparation season. Small businesses are being hammered with phishing scams containing messages that look completely legitimate. They often include the names of actual companies and attachments that read “invoice,” “receipt,” or other titles to get business leaders and employees to click.

“An unsuspecting owner or employee clicks on a link or attachment and… finds that malicious software has invaded their PCs,” reports Fox Business. Through social engineering, cybercriminals are able to construct emails that are increasingly realistic.

A report by the Boston Globe demonstrates how easily one can be duped. Emails often come in the form of a plea for assistance from a friend or family member. Of course, we all want to help, especially during the holidays, but we wary of such requests. The Boston Globe piece reported that a local woman ended up losing out on $800 to a phishing scam. If she had simply picked up the phone and called her friend directly, she could have saved herself a great deal of money and trouble.

10 Tips for Protecting Yourself

There are several steps you can take to protect yourself from becoming a victim this season. Start with updating your antivirus and browser with security patches. Be sure to shut down your computer, laptop, tablet, and mobile phone every evening to allow these devices to auto-update.

Avoid using hot spots as public Wi-Fi is not secure. Cybercriminals are adept at setting up fake public Wi-Fi hot spots to capture your login credentials and credit card information. Stick to making your purchases online from your secured Wi-Fi at home.

Don’t get phished! Be hypervigilant this holiday season when it comes to sharing sensitive information or financial data. If you receive an unexpected email from a friend or family member, contact them directly by phone or text to see if they sent you something before opening it or any attachments. Additionally, be careful about what websites you visit and click with care.

Visit only trusted retailer websites and ensure they are secure. Always look for the website address to be proceeded by the https. That “s” at the end means it’s safe to shop. If the “s” is missing at the end of the http, the site is not fully secure so don’t shop on it.

Be suspicious of deals that are too good to be true. They probably are and may be a scam to get you to click on a bad link or even offer items to capture your credit card information. Comparison shopping not only saves you money, but fraudulent websites typically don’t have reviews. By comparison shopping, you could be tipped off to a bad site.

Watch your bank and credit card statements carefully. With the digital age comes instant access to your accounts so you don’t have to wait for a paper statement to arrive. Hop online daily to check your accounts if possible as this is good practice during the fourth quarter when hacking ramps up. You’ll be alerted quickly in case your account is breached.

Stick to using credit cards online rather than your debit card. Credit cards typically offer more protection against breaches. Additionally, use just one card so you only have to check one account daily to ensure that your money is secure. Also, watch the return policy of websites you shop at. Reputable retailers have a customer-friendly return policy. If the return policy seems lacking or too stringent, shop elsewhere.

Safeguarding Your Business

Just as individuals need to be especially vigilant during the holidays, businesses and organizations of every size should be as well. There are several steps you can take to protect your company during this final quarter of the year.

Start with proper cybersecurity training for your employees. Your staff is your first line of defense. If you train them regarding cybersecurity regularly throughout the year, your chances of being hacked are greatly reduced.

Make sure your systems, software, and applications are updated. Ensure that your IT department is on top of updates to your firewall, antivirus, and anti-malware software. If you don’t have an internal technology department, you can hire a third-party vendor such as ORAM Corporate Advisors to do a security check and handle these items for you affordably.

Put your business or organization through a technology assessment and cybersecurity analysis. Your company should be doing a regular annual technology assessment anyway. It will help you identify security features you have in place, where there may be security vulnerabilities in your systems, and how to best address them. Just like with your health, an ounce of prevention is worth a pound of cure.

Instate an email resilience program within your company. This can be accomplished by using multifactor authentication and email screening software as a service (SAS). This software can scan your emails before delivery with the intent of preventing phishing scams before they can reach vulnerable employees.

If you need assistance in securing your organization, contact ORAM now at (617) 933-5060 or visit us online to schedule a free initial consultation. Our experts are here to keep your business safe and sound throughout the year.