The Holiday Season is Here, and So Are the Hackers

holiday-cyber-securityWith the holidays quickly approaching, it’s hard not to be excited. The holidays are the peak season for hackers. They wait all year, scheming up ways to create their own holiday cheer. While customers are shopping for the best deals, hackers are looking for the opportunity to strike your business with malware, including ransomware and phishing attacks.  

You’ve seen it time and time again, small and large businesses fall victim to malware attacks during the holiday season. In 2013, Target got hacked on Black Friday that resulted in 40 million debit and credit cards compromised. Hackers infiltrated the retail giant’s customer database by installing malware designed to steal card information. 

If a hacker can hit a large business, what stops them from hitting a smaller one? Small companies are the #1 victim of hacking and phishing attempts in the world. The level of expertise in relation to IT Security that a small business can rely upon is typically limited due to resources. It is crucial to have an IT partner that can provide cost-effective and sound security advice.

What can you do to prevent a holiday cyber attack: 

  1. Do you process credit cards? Follow PCI-DSS guidelines to ensure your business maintains a secure environment and protects your customer’s credit card information and personal data. Not following PCI-DSS guidelines puts your business at risk. PCI-DSS mandates transfer the responsibility to business owners to protect credit card information.
  2. Invest in a Next-Generation Firewall that will expose hidden risks, stop unknown threats, and isolate compromised systems to prevent spreading. 
  3. Update your systems regularly to keep your systems free of malicious activity and remove any unused software applications as an added security measure. That Windows 7 machine? It is no longer being updated with security patches as of January 2020, time to upgrade. In addition, routinely scan your website for weak entry points to ensure cyber criminals have no access to your website. 
  4. Remove any sensitive data that is non-essential to your business. Hackers can’t steal information that you don’t have.
  5. Reassure visitors that their personal and financial information is safe and secure by displaying a security trust badge on your website. A URL that begins with HTTPS and displays a padlock near the link will ensure your site is safe for visitors. It also helps with your Search Engine Optimization (SEO). Leading search engines, like Google, have started to remove listings that are not HTTPS enabled. 

Be aware of any suspicious activity not only in your business but also in your personal life.  This holiday season, shop with ease by following these four tips for personal and safe holiday shopping:  

  1. Be Alert for Phishing Emails- Cybercriminals love to send phishing emails because it’s the most effective tactic in capturing your data. Hackers design emails to look like those sent from your favorite stores or brands, hoping you will click the link that takes you to a fake landing page that attempts to collect your login credentials or credit card information.
  2. If you receive an email that looks suspicious, check the “from” email address to ensure its legitimacy, and hover over the URL before clicking to see if it is real or fake.
  3. Avoid Suspicious-Looking Websites- Hackers know that bargain hunters are looking for the best deals; therefore, they sometimes design fake websites that attract customers with enticing deals, hoping they can collect their credit card information.
  4. Avoid Shopping on Free WiFi – Flash deals come and go, so it might be tempting to jump on your phone using public WiFi to buy that deal ASAP, especially if you are traveling for the holiday season. How do you know the Free Wi-Fi is legitimate and is protecting your data while being transmitted? If you connect to free public WiFi, like an airport or hotel, the first thing you should do is connect to a VPN. A VPN encrypts the traffic that comes in and out of your device, restricting hackers from stealing information you input online.