BY JAKE GIBSON, Chief Compliance Officer and Chief Security Officer, LightEdge Solutions
While December may be the most wonderful time of the year for some because of the holidays, it’s also the perfect time of the year for online scammers.
Cybercriminals don’t hesitate to take advantage of holiday enthusiasm. And with online and mobile shopping continuing to rise, online fraud is expected to reach all-time highs in December.
Cyberattacks are on pace to rise by almost 60 percent this holiday season, according to a report published by cybersecurity provider Carbon Black.The report found a spike in cybersecurity alerts during 2017’s Black Friday and Cyber Monday, and that rise lasted until the end of the year.
But this is just the beginning.
December marks the beginning of a four-month stretch of cybercriminal activity that extends into tax season. After the holidays, people usually turn their attention to taxes and their returns. In response, online scammers come out in full force.
Some of the more common ways cybercriminals try to pry personal information away are through emails, website spoofing and phone calls. These can be deceiving, so here are some tips to keep scammers at bay and stay safe over the next four months.
These tips are especially important when using a computer or device at work. Accidentally clicking on a faulty link can leave you and your company susceptible to an attack, which can be extremely costly.
Don’t trust it, don’t click it
Especially during tax season, email phishing is an extremely common tactic for cybercriminals.
While everyone’s guard is down amid online shopping and filing taxes — most people are expecting some form of communication via email during the next few months — scammers send out emails purporting a number of claims.
These claims can be anything from your Amazon account being locked to the Internal Revenue Service having an important message to share with you. The sender then asks you to click on a link, which can lead to malware or other harmful downloads.
To combat this, only click on links from people or organizations you trust. If you are unsure of the source, copy and paste the link into a word document and see where it leads you. If it isn’t where you expected, stay away.
You can also contact the person or organization directly to confirm the email is indeed from them. If you do receive an email from the IRS specifically, be skeptical. The IRS usually doesn’t contact via email and provides a hotline if you want to contact the organization directly: 1-800-829-4933.
Know where you’re surfing
When you’re scouring the internet to find the best price on that perfect gift, be careful not to give information away to a faulty website.
Fraudsters can actually spoof a shopping website like Amazon and make it look authentic. While most tech-savvy people will pick up on this, it can be difficult for those not looking at key clues. The URL may be similar — like Amazonn.com or Amazon.biz — and the page may look extremely similar to the real thing.
Even the padlock symbol on the top of browsers, meant to show that your payment info is being entered securely, can be duplicated. Be sure to slow down and double-check website URLs and design.
While not technically online, scammers can use the internet to robo-call a variety of phone numbers and ask for personal information. Most of us have dealt with a scam call, and the majority are more frustrating than believable, but some can actually be realistic.
Scammers can copy local numbers of police departments or governmental agencies, making the call seem authentic. It can take a lot of effort to stop these calls — they can come from a variety of numbers, which makes blocking tough to do — but you can report each spam call you get here.You can also put your number on the Federal Trade Commission’s Do Not Call Registry.
My advice goes back to my main message: Don’t give out personal information to someone or something you don’t trust. Taking a breath and slowing down will help you achieve this.
Update and patch
If you do make a mistake and click on a faulty link or give out login information, updating and patching your systems will be important. These preventive measures may stop ransomware or malware from affecting your computer or systems.
My key takeaway is to stay diligent and know who or what you’re communicating with over email or online. This doesn’t just apply to the next four months, but to all times of the year.