The importance of cybersecurity becomes even more pronounced during the holidays. As people engage in online shopping and festivities, share personal information, and connect with loved ones through digital platforms, they are distracted, and the risk of cyberthreats escalates. It is estimated that $960 billion will be spent in the U.S, with one in three purchases made being impulse decisions. Additionally, 43% of distracted employees don’t follow safety protocols. It’s important to stay vigilant and remind employees to remain cautious while also enjoying the season.
What to Be Aware of
Cybercriminals often exploit the increased online traffic to launch phishing attacks. Over 75% of targeted attacks start with an email, and 84% will be successful within the first ten minutes. Other seasonal threats include gift card scams, fake charity requests, and ‘too good to be true’ deals. Additionally, we often think of cyberattacks occurring solely online. It’s important to remember that cyber criminals use the phone as well to try to extract personal information and ask their targets to do something under unnecessary pressure.
Cyberattacks and SMEs
During the holidays, SMEs face an increased risk of cyberattacks, with perpetrators targeting them through the various methods listed below:
- Privilege misuse is a notable threat as malicious actors may exploit insider access or compromise employee credentials to gain unauthorized entry into sensitive systems.
- Ransomware attacks are when cybercriminals encrypt critical data and demand payment for its release, causing significant disruptions to business operations.
- Denial-of-service attacks, aimed at overwhelming a company’s online services and rendering them inaccessible, are also a prevalent threat.
- Social Engineering Scams where individuals are manipulated to divulge confidential information or perform unethical activities.
- Lost and Stolen Assets which is the loss of hardware such as a laptop or cellphone.
- Web Application Attacks that exploit vulnerabilities in web applications to steal data.
The holiday season serves as an opportune time for cybercriminals to exploit potential vulnerabilities, taking advantage of reduced and distracted staff and increased online transactions.
The 2022 holiday season saw a 550% increase in unique threats. Staying aware and securing personal and financial data is crucial to safeguard individuals and businesses from falling victim to identity theft, fraud, or other cybercrimes.
It is imperative for SMEs to prioritize cybersecurity measures, such as regular employee training, robust access controls, data backups, and comprehensive security protocols, to fortify their digital infrastructure and mitigate the risks associated with cyberthreats during the festive season. Two distinct ways to enhance security controls are implementing multi-factor-authentication and running employee training sessions in November and December. Remember – staying safe is a team effort and it’s important to get everyone on the same page.
Ultimately, the holiday season serves as a reminder for everyone to be vigilant, practice good cybersecurity hygiene, and stay informed about the latest threats. Implementing strong passwords, using secure Wi-Fi networks, and being cautious of suspicious emails and links are essential practices to ensure a safe and enjoyable holiday experience in the digital realm.
For more information, please check out our Holiday Cyberthreats overview.