This year we are all resigned to the fact that Christmas will be different and all we can do is make the best of a difficult situation.
However don’t let cyber criminals make it even worse.
Many of us have been working from home for a number of months now and this looks set to continue. Are your team using the same PCs/laptops for their Christmas shopping as they are for their work?
With Black Friday over, we are now on the hunt for the best Christmas deals. In the rush from one online shop to the next it’s easy to become distracted, frantically opening emails in between shopping searches. This year more than ever, many of us will be purchasing gifts online but as sales boom, so do cyber-attacks.
With so many of us shopping online, we open ourselves up to phishing, spam email, malicious websites, viruses to name a few . . . fighting to enter our network, aiming to steal critical business information or fraudulently accessing financial records whilst our focus is elsewhere.
At this time of year, cyber criminals will most likely be impersonating retailers, couriers, and payment services.
You may also be sent fake notifications, referring to a payment failure, tracking number, supposed refund, fake voucher or coupons.
What could happen if you ignore this blog, and click on a phishing link or download an attachment? Well, you may install malware, such as a virus, spyware, or ransomware on the company’s system. This is typically done without you realising it’s actually happening.
Additionally, the festive period is an ideal time for a hacker to be laying traps upon your network and systems awaiting your return after the holidays.
In the unfortunate event of clicking on a phishing link or downloading an attachment, you should consider taking the following actions, along with these preventative ones too:
- Disconnect your device
The first thing you must do immediately is disconnect the comprised device from the internet. The easiest way to do this is unplug the internet cable from your computer or laptop. If connected through Wi-Fi, then you should disconnect from your Wi-Fi network via the device settings. If unable to locate the settings, then go to your Wi-Fi router and shut it down.
This will reduce the risk of malware spreading to other devices on your network and prevent the malware sending out sensitive information from your devices.
- Backup your files
The malware may attempt to destroy or erase your data during the phishing attack, so it is highly recommended that you regularly backup your files to ensure that you don’t lose it all. If you have never copied your files to a backup device or program, then we suggest using external hard drive, USB thumb drive or ideally cloud storage.
- Scan your system for Malware
If you are not very technical and don’t really know where to begin with scanning your device, we recommend taking your device to a professional and having it checked for malware. Normally devices are now installed with anti-malware software to protect you and your data. It is good routine to run a scan on your devices on a regular basis.
- Change your credentials
Malware may be used to harvest sensitive information including usernames, passwords, banking information and other identifying information. You may want to change all your credentials to ensure your online accounts are not compromised. This includes email, online banking, social media and shopping accounts.
Do not use the same username or passwords for all the same accounts as this makes it very easy for the cyber criminals to log into all your accounts. Create passwords that are strong and have at least 8 characters, a number, a capital letter and a special character.
- Sign up for Action fraud alert
You can sign up for free to Action Fraud Alert and they will send you direct, verified, accurate information about scams and frauds in your area by email, recorded voice and text message. It may seem over the top but it is best to have yourself covered and kept up to date with this information. Look at https://www.actionfraud.police.uk/sign-up-for-action-fraud-alert for more information on how to sign up.
- Continue with caution
Phishing scams have become a very dangerous threat to the digital age and your best protection is to instantly delete an email that you don’t recognise or looks somewhat ‘off’. Remember a legitimate business will never ask you to share sensitive information via insecure channels like email or text. If the message is truly important, they will attempt to contact you via different methods such as telephone.
If you are in any doubt or need any help or advice about security measures or backups for your business, please do get in touch with us here at SCS Technology Solutions.