'Tis the season to be jolly for cyber criminals

by Kevin Bailey, Head of Market Strategy.

Protecting your organisation during the Festive online shopping season.

Christmas comes but once a year, presenting the perfect opportunity for retailers (both on the High Street and online) to end the year with a boom and for consumers, to spend, spend, spend! However it’s not just the retailers that like to take advantage during the season of goodwill. This year’s busy online shopping period, in fact the busiest since records began, also provides the perfect opportunity for cyber criminals; gifting us with to-good-to-be-true offers by email, which really are too good to be true and the only gift we receive is more unwanted than last year’s pair of socks from Auntie. With employees increasingly shopping on work devices as well as bringing their own devices onto business networks, what can you do as a business to reduce the risk?

A recent article in the Daily Telegraph mentions, Metropolitan Police Commissioner Sir Bernard Hogan Howe warning in a recent statement that “…cyber-crime is the growth industry of the criminal underworld”, emphasising how cyber criminals target Christmas shoppers in particular. One well known phishing scam from last year, involved 25 year old Egyptian Tamer Abdelhamid sending phishing emails pretending to be from his victim’s bank. He then sold her bank details for over £3,000. Whilst a somewhat extreme case, this kind of scam is all too familiar and cyber criminals are becoming more and more sophisticated in their tactics. So, just as the Christmas season is as the peak sales period for retailers, it’s also the period which offers the most potential and profit for scammers.

With more and more employees doing their Christmas shopping online either during their lunch break or in stolen minutes before or after work, it’s vital that companies acknowledge the increase in vulnerability to cyber-attacks during this period. Just like as mentioned in the recent Clearswift blog on Operation Waking Shark 2, it’s the weak point in the value chain that cyber criminals will target. So, even if they’re not after your employees’ details, they may well be looking for a way into your organisation’s network.

It’s essential to instil a strong IT policy which is clearly visible throughout the organisation on a daily basis, and encourage communication around the issue of IT and security. As well as ensuring your security software is up-to-date, key points to highlight to staff include:

  • Only shop on websites that you know and trust
  • Use a different password each time you register for a new shopping site
  • Check if the URL contains HTTPS- the “S” stands for secure and adds an extra level of protection.

Ensuring these simple measures are in place will ensure that your business remains as safe as possible during the festive shopping period so that Christmas is a ‘ho ho ho’ pleasure and not a ‘bah-humbug’ cyber-headache!