Now that the calendar has officially pushed us into the Holiday season, the reality of buying gifts is quickly building stress in your staff to make sure they get all the right gifts prior to the Christmas Holiday.
Did you know that up to 64% of employees report that they plan to do some holiday shopping while at work? This statistic makes people like us in the IT industry nervous and it should cause concern for business owners and leaders also. Here are a few more stats that will help highlight the need for more attention to being cyber aware as employees begin to look for the best deals on Cyber Monday and beyond:
- 76% of companies allow online shopping on company time and devices
- 55% said their company permits workers to shop online but has no strategy for educating on the risks associated with these types of activities
If your company allows online shopping, or if you are unaware what your employees are doing, it is a very good idea to offer them some information and support to help make sure their personal data (and yours) remains secure. Here are some easy things to share and encourage your staff to remain focused on as they look to make online purchases:
- Shop from known websites (trusted sources)
- Don’t click on ads unless you are 100% certain they are legitimate
- Be careful giving out personal banking information
- Learn how to recognize secure and insecure websites
- Learn how to recognize phishing emails and dangerous attachments
- Use secure passwords and never reuse them on multiple sites
The cyber grinches have gotten very good at disguising their phishing attempts with both realistic and reputable companies like Amazon, Wayfair, or Macy’s. A well disguised email with timely information like a deal or discount could be from a hacker instead of a retailer and your personal or company information could be compromised.
Can you spot the telltale signs of a phishing email?
- The email address is not a valid omniperforms.com address, but rather an 0mniperforms.org address. Scammers will make subtle changes to the top-level domain to fool you.
- The To: and Cc: are missing so that you can tell this is a mass targeted email phishing attack.
- Hovering your mouse over the link, you can see that this is not an omniperforms.com address. Instead it is an external address trying to steal your credentials.
- The signature is generic as to not alert you to any phishing attempt.
If you are not taking advantage of our advanced threat hunting tools, cybersecurity awareness training and anti-phishing resources, get yourself an early Christmas gift by asking us how to deploy them for you. It could be the best money you will ever spend.
Chip Calissie is the Director of Sales & Marketing for Omni Strategic Technologies, a company that specializes in delivering exceptional tech support and best-in-class advisory services.