Holiday Shopping Scams Could Put Your Organization at Risk

Long before Halloween was over, the candy and goblins were shoved aside to make room for Christmas gifts and decorations. Many consumers are starting their Christmas shopping early this year amid concerns of supply chain bottlenecks and inventory shortages.

Holiday Shopping Cybersecurity

But while brick-and-mortar stores cram their shelves with products, increasing numbers of consumers are doing their shopping online. According to a report from Adobe Analytics, online holiday shopping in the U.S. between Nov. 1 and Dec. 31 is expected to reach a record $207 billion. That’s a 10 percent increase over 2020, which saw huge gains in ecommerce sales due to the pandemic.

It also translates into increased cybersecurity risks for organizations. Surveys show that more than two-thirds of U.S. workers use their corporate devices for online shopping, creating opportunities for malicious actors to spread ransomware and other threats. Cybercriminals often launch phishing campaigns during the holiday season, and the Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation recently warned of expected spikes in activity on Black Friday and Cyber Monday.

 

Gifts for Scammers

Cybercriminals love the holidays because there are so many ways to dupe online shoppers. As consumers make their holiday purchases, they are inundated with receipts, order confirmations and shipment tracking information. All of these are easily spoofed by scammers, and unsuspecting users may fail to notice that the links and attachments aren’t legitimate.

Phishing campaigns often feature phony coupons, discount offers or rewards programs to entice users to click on links or give up their personal information. And as Americans increase their giving during the holidays, scammers make bogus appeals for donations by spoofing the logos and websites of legitimate charities.

All of this spells big trouble for organizations. If a user clicks on a malicious link, attachment or website, it could launch a cyberattack that infiltrates the company network. Remote workers who connect to the network using personal devices could inadvertently spread malware or leak sensitive information.

Some organizations have tried to ban online shopping, but that strategy has not proven to be effective. In fact, senior-level executives and managers are by far the biggest offenders, according to one recent survey.

A better approach is to ensure that users have the skills they need to spot cyber threats. Cybersecurity awareness training can help users recognize phishing campaigns and other threats and understand what they need to do to protect themselves and the company.

 

How GDS Can Help Protect Your Organization from Cyber Scams

GDS offers a cybersecurity awareness training program as part of our managed security services. It features interactive modules that are designed to engage users and help them retain and apply what they’ve learned. Topics include general security awareness, password protection, phishing and more. The program can also be customized to meet specific business and IT requirements.

Organizations gain access to the world’s largest library of security training content, which is continually updated to address the latest security threats. Testing tools allow administrators to assess users’ baseline knowledge, while simulated attacks help determine progress and identify any training gaps.

Cybercriminals often launch phishing campaigns during the holiday season.

Many organizations have trouble developing and delivering security training, often resorting to lengthy PowerPoint presentations that are a chore for both users and presenters. Training is done just once a year to check off a box or meet regulatory compliance requirements. However, users quickly forget what they’ve learned and fall back into old habits.

The GDS program can be delivered frequently to reinforce security best practices. In fact, now would be a good time to launch a training program, given the heightened risk of holiday cyber threats. Let us help encourage safe online behaviors among your users this holiday season.

 

 

Benefits of Managed IT Services from Global Data Systems

  • Strategic Managed IT: We help you solve your technology related business problems.
  • Connectivity: We get you reliable, secure connectivity anywhere in the western hemisphere in 48 hours.
  • Support: When you need help simply call our 24x7x365 support number.
  • Billing: Instead of managing hundreds of vendors - get one, easy to read bill from GDS.

Contact Managed Services Provider, Global Data Systems >