Unsurprisingly, some of the biggest retail days of the year are some of the biggest days for scams, the entire holiday season seeing an increase in threats toward retailers and, as a result, the consumers that are just looking for that perfect gift for their loved ones. Let’s review some statistics and trends to see what insights we can glean.
…at least in terms of shopping days. While the Friday after Thanksgiving was historically the day to seek out deals and steals on your holiday shopping list, this has become less and less the case. Instead, this year’s peak online sales traffic happened on Sunday, November the 19th, naturally followed by Cyber Monday’s traffic levels—which outpaced Black Friday’s by 42% this year.
This tells us that—while many attackers will certainly still take advantage of Black Friday—retailers have shifted their strategies to elongate the shopping season. The more time that these companies have attractive deals, the more traffic their webstores (and brick-and-mortar locations if they have them) see.
As a result of the global COVID-19 pandemic in 2020, many online retailers have started having sales the weekend prior to Thanksgiving, giving shoppers more opportunities for discounts. Unfortunately for everyone, hackers look at this traffic as opportunities to scam people. Cyber Monday has become the biggest day of deals on the Internet and the culmination of the yearly “Black Friday'' sales. This purchasing frenzy consists of tens of billions of dollars changing hands over more than a billion transactions.
The breadth of this event is so big that it stands to reason that cybercrime would increase, but the uptick of phishing attacks that went on during this year’s “Black Friday Week”, is staggering. In fact, multiple sources found that leading up to November’s sales, phishing attacks went up nearly 300 percent. We are talking about an almost pervasive security problem becoming worse, and that inevitably results in more people being scammed, attacks increasing, and what are problematic situations for individuals and organizations, alike.
With so many phishing attacks happening, we thought it would be useful to go through a couple of things that people can do to mitigate these types of attacks.
The first thing you will want to do is to check the email address carefully. Be cautious of email addresses that look suspicious or slightly altered. Also, most phishing emails come in from outside the continental United States and therefore probably have grammar and syntax errors that you wouldn’t see in professional correspondence.
Another good tip is to always turn on multi-factor authentication if it is an option (it almost always is). This adds an extra layer of security, making it more difficult for attackers to gain unauthorized access even if they have your password.
One of the best ways to avoid the negative outcomes of a successful phishing attack is to know exactly what to do. Phishing attacks constantly evolve, so it's important to stay informed about new methods and trends. Regularly educate your staff (and yourself) on the latest phishing techniques and share this information with your colleagues and friends.
A lack of communication can be the main culprit in a phishing attack. Most phishing attacks have language that is intended to build urgency. If there is any question that a message you receive is illegitimate, verify the directions contained in the email. There is no scenario where a manager would rather be the victim of a phishing attack than be asked to verify a request.
With the holidays in full swing, it’s important to be cognizant of all online interactions so as to not become the victim of a cyberattack. If you would like information about tools that can help mitigate cyberthreats and keep your business secure online, give the IT experts at IC Data Communications LLC a call today at (313) 887-1297.