Nearly 90% of businesses experienced targeted phishing attacks in 2019. Phishing remains a major problem whether you have a large enterprise corporation or a small business in Lake Okeechobee.
2020 has been a particularly active year for phishing scammers, with millions of COVID-19 related phishing campaigns being released to try to take advantage of the disruption that the pandemic caused. Now with the holiday season upon us, an onslaught of seasonal phishing attacks are coming.
Without the proper employee security awareness training and network protections in place through managed IT support, your business could be at risk of any number of phishing related issues.
Some of the most common phishing scams result in:
- Theft of login credentials
- Ransomware infection
- Theft of credit card details
- Breach of sensitive business data
- Identify theft
- Viruses or other malware infections
A single successful phishing email can cost a small business $100,000 in losses.
Security protections against phishing need to take a two-pronged approach, which includes user awareness and backend software and monitoring.
Most Common Holiday Phishing Scams to Watch For
If employees are armed with the knowledge of what to watch out for, they can better avoid falling victim to a clever holiday phishing scam. Here are some of the most popular that they should be on the lookout for.
Fake Holiday Gathering Surveys
One type of holiday phishing scam is the survey related to an office holiday event. Excited employees are usually happy to give their input on what to do for festivities, but these surveys can often be phishing scams.
It’s best to question any survey like this by asking around the office to ensure a holiday survey is legitimate.
Fake Tracking Emails
Holiday shopping online is in full swing during November and December and this results in lots of email tracking notices. Scammers take advantage of this by making their fake tracking emails look like the real thing and even use logos of popular delivery services like UPS or USPS.
It’s safer to always go directly to a retail or shipper’s website to track an order that has been placed rather than to click on a link in an email that could possibly be a phishing scam.
Holiday Schedule Scams
It’s not unusual for businesses to have holiday schedules that they send out to their customers or vendors via a file attachment. Unfortunately, this tactic is another of the seasonal scams used in phishing attacks.
Attackers try to hide their messages among others that are commonly sent during the season. In order to avoid this, it’s important to have proper email filtering and anti-malware protection on a computer.
Users should also be wary of these holiday schedule emails and instead of opening an attachment, check with the vendor or customer to see if they in fact did send a holiday schedule out.
Just like tracking emails, order receipts are another type of email that comes in more frequently during the holiday season due to the increase in online shopping.
Scammers can cleverly spoof retail emails like those from Amazon, fooling someone into clicking before they think to find out what a certain order is all about.
It’s a good rule of thumb to always hover over links before clicking, as this will reveal the real URL and quickly show a message to be a scam.
Phishing Safeguards to Keep Your Network Protected
Email filtering helps reduce the number of phishing emails that make it into user inboxes. It compares data from incoming messages against known threat metrics and quarantines anything that looks like phishing.
Filtering also keeps out spam which reduces the amount of junk email that employees have to spend time sorting through.
Another important type of filtering to use is for malicious websites. DNS filtering can stop an employee from going to a malicious website even after they’ve accidentally clicked a phishing link.
DNS filtering checks URLs against known malicious sites and blocks anything that could have malware.
Ongoing Employee Awareness Training
Employees should be trained regularly on IT security awareness and phishing safety. This ensures they understand how important it is to always be on guard and keeps them aware of the newest tricks that scammers may be using to try to fool them.
If a user accidentally opens a dangerous file attachment, a good antivirus will block the malicious script before it has a chance to infect your system.
It’s important to have managed antivirus/anti-malware because this ensures that any threats are being monitored, so adjustments to system security can be made accordingly.
Prepare for Online Threats with Managed IT Services
Managed IT services from Cris’s Tech Repair provides your business with multiple IT security protections against phishing and other online threats.
Learn more today about our affordable managed IT plans by calling 561-985-4961 or contacting us online.