Tighten up your email security policies! The scammers are knocking on the door and your employees may actually answer.
The holidays are generally a relaxed time at many small and medium enterprises (SMEs). With parties to look forward to, often a lighter workload and a genial atmosphere, it’s tempting for IT personnel to let down their guard and take a breather.
Only guess who’s not taking a breather? That’s right – hackers, scammers, ID thieves and other ne’er do wells are working as hard as ever to liberate your customer data, company information and employee records from the safety of your servers.
Don’t Click That Link
In the “click first” mentality of today’s modern communications, one of the easiest, most effective and most profitable tools hackers have is a simple email. E-mail based ransomware, phishing and whaling schemes cost companies millions in fraudulent transactions and lost productivity each year. And no scammer is taking a break for the holidays.
If your business email policy clearly forbids personal emails, that’s a great start. (If you don’t have a formal email policy for your employees, get one ASAP!) But too many employees use their company email address for non-work interactions, such as communicating with online shopping portals. And when a tempting discount offer lands in an email inbox, all too many workers will click, go and ask questions later.
Under the best of circumstances, click-happy employees leave your company vulnerable to phishing scams and spoofed links. During the holidays, the risk intensifies.
The 12 Scams of Christmas
The Better Business Bureau has issued a warning about all those scammers out there trying to steal a bit of your holiday cheer (and data). IT personnel should share these warnings with employees – it may save a few headaches for the business and for the employee’s wallet. Some are more of a danger to a workplace than others, but all should be avoided at all costs.
1. Look-Alike Websites: The BBB reminds us how easy it is for scammers to mimic a legitimate website. You may think you’re taking advantage of a great discount offer, but you could be emptying your wallet AND opening up your company PCs to a malware infection
2. Social Media Gift Exchange: Hey, if you buy one gift and send it out, you’ll end up with 36 gifts! How awesome! Actually, this is a pyramid scheme and it’s illegal, and you’re very likely to get scammed.
3. Temporary Holiday Jobs: A part-time job lead? Great! But the warning bells should sound if this “job lead” requires you to pay a fee via credit card online. Also, you shouldn’t be looking for a new job at your current job. Just sayin’.
4. Grandparent Scams: This is just wrong. Seniors should be warned about receiving a phone call from a grandchild who was supposedly in an accident or in some sort of trouble and needs money sent. Old school scam, still just as vile.
5. Free Gift Cards: Nothing is free, people! These pop-up offers for free gift cards is just a way to steal personal data.
6. E-Cards: You just received a gift card via email to your company computer. Sounds exciting, right? Beware the e-gift card scam. If the sender’s name isn’t apparent or you need to enter more info to claim your gift, let the warning bells sound.
7. Fake Shipping Scam: You receive an email notification about a shipment. You could think this is a personal purchase or a company shipment you aren’t aware of. One click on the “shipping info” attachment and you can be sent to a site than downloads malware onto your machine — and possibly onto your company’s servers.
8. Phony Charities: We’re all feeling generous and emotional during the holidays and are way more likely to click on solicitation links. Beware scam charities that reinvent themselves every holiday and during every natural disaster. Vet your charitable giving at Give.org before donating, the BBB recommends.
9. Unusual Forms of Payment: Beware of any seller who wants your payment in alternative forms – prepaid debit cards, wire transfer, third parties, etc. If it sounds shady, it likely is.
10. Travel Scams: When you’re surfing the web at work looking for a holiday getaway, be very careful. Avoid booking through online ads and never, ever wire money to someone you don’t know.
11. Letters from Santa: Really, hackers are messing with this charming holiday tradition? While many reputable companies offer this service, scammers have honed in with a version that attempts to get mom and dad’s personal data. The BBB recommends you check out any such service.
12. Puppy Scams: Beware buying a pet over the Internet. ‘Nough said.