Tech the Halls With These Security Tips
Updated: November 26, 2019
Thanksgiving weekend sales continue to break records year over year both online and off. Cyber Monday sales alone have steadily increased, with a recorded $7.87 Billion in eCommerce revenue in 2018 and $9.37 Billion, a 18.9% increase, predicted for 2019. While you’re hunting for deals, hackers are hard at work, too. Cyber criminals go where the money is, which means that that your financial records and organization could both be vulnerable this Cyber Monday.
According to cybersecurity researchers, the holiday season is a perfect storm – and they aren’t referring to a white Christmas. Forty percent of all cybercrime occurs in October, November, and December, as cyber fraudsters prey on gullible shoppers or e-commerce newcomers. Attackers set up scam websites, organize DDoS attacks, and write malicious apps to steal from shoppers and disrupt business operations.
Tips for Consumers
On Cyber Monday, hackers have their pick of potential victims. Avoid becoming an easy target by following these basic security best practices.
- Most people are cautious when opening emails and aware of malicious links. However, the savvy cyber criminal is diversifying their portfolio by adapting this trick to social media. Hackers post links to clickbait deals on Twitter or Facebook, directing users to malicious websites or executing a cyber attack. Avoid malicious links by hovering over links with your cursor to scrutinize the URL. Look carefully for any misspellings or anomalies, which suggests tampering. Before you click that link, remember: if a deal seems too good to be true, it probably is.
- Consider creating an e-shopping specific email address. Using your company or personal email is fraught with cyber danger. If compromised by an attacker, your personal email can be easily used to reset your passwords, while a company email address can make you a target and put your employer at risk.
- After you review your digital cart, review your retailer’s security posture. Does the website connect with HTTPS, ensuring that your information is encrypted? Can you check out using two-factor authentication? Does the company enforce password standards? These practices are simple measures that indicate the retailer’s overall cybersecurity health.
Notes for Corporations
- A detrimental attack to an organization is a Denial of Service (DoS). In addition to targeting customers, nefarious cyber actors can strike websites and infrastructure, causing intentional and costly website outages. Hackers have leveraged the Internet of Things (IoT) to create and control armies of botnets, which are used to overload web servers with false traffic. Amazon Web Services was hit by a DDoS attack this past October, causing eight hours of downtime.
- Be aware of a related threat: the accidental DoS, sometimes called the Hug of Death. Retailers with exciting deals will experience high web traffic from legitimate customers that can overwhelm servers and temporarily shut down their website. Lowe’s suffered due to a surge of online traffic on Black Friday last year. A Cyber Monday attack lasting as little as ten minutes could potentially cost you millions in sales – not including the reputational costs of angered customers and attracting bad publicity. As a result, prevention is the best approach for dealing with the threat of disruptive cyberattacks. Ensure your organization is using basic defenses such as signature-based firewalls and routers that block suspicious traffic.
- Consider load balancers that stabilize traffic across multiple servers. Some of the most effective solutions may even require no technical expertise. Follow the lead of some retailers that have spread Cyber Monday deals over multiple days. The diluted traffic has lowered the risk of site failures in general and reduced the temptation for hackers to deliver a devastating blow to your company.
Be Generous to Your Loved Ones, Not Hackers
Consumers and companies should remain diligent during the holiday shopping season. In pursuit of that elusive deal or the corporate bottom line, make sure you’re spreading security in addition to holiday cheer.