As you fill your online shopping baskets with gifts for your loved ones and submit charitable donations to your favorite nonprofits this holiday season, do so with caution. By no means do we want to dampen the holiday spirit that’s floating through the air, but the number of cyberattacks skyrockets during this time of year. When looking at cyberattacks on businesses, 86% of ransomware attacks happen on a holiday or weekend.
For individuals, the spike in attacks follows suit. Hackers are counting on each victim to be swept up in all the holiday joy and let their guard down, opening their finances and other assets up to attacks. In the same way that you’re getting crafty with your thoughtful gift ideas, scammers are getting crafty with their sneaky methods.
If you want to spend the next couple of months drinking hot cocoa and enjoying loved ones instead of dealing with a cyberattack, it’s time to get educated on how you can protect yourself from these bad actors.
Why The Spike?
Hackers always look forward to the holiday season, but not because of delicious treats and fun décor; they’re waiting in the wings for families to make simple cybersecurity mistakes. But what about this time of year specifically causes such a notable spike in attacks? There are a few reasons:
1. People are spending more money. More online transactions lead to more opportunities for data siphoning or payment scams.
2. Donations, donations, donations. Have you ever sent money to a nonprofit organization you just heard of during the holidays? If so, you’re not alone. Improper vetting of these organizations can result in your funds being used for something other than what you thought.
3. Seasonal employees with little-to-no cybersecurity training. Many businesses bring in additional staff to manage the spike in sales, but these staff are often trained quickly, and cybersecurity practices are likely to be overlooked. Human error due to lack of training can result in sensitive customer data getting stolen.
4. The busyness of it all. You’ve got a million things going on, and as a result, something might slip through the cracks. Hackers love the “cracks.” They’re perfect for taking advantage of well-meaning individuals.
Common Attacks During The Holidays
At this point, it’s clear why cyberattacks and related risks increase during the holiday season, but understanding what those attacks look like is another story. Here are a few of the most common types of attacks that you might face this season:
Classic Phishing Attacks
If you’ve ever gotten a text or an email about a UPS package that wasn’t delivered when you weren’t expecting any packages, it was probably a phishing attempt. During the holiday season, when many people are waiting for packages, hackers will use AI to flood users with phishing attacks. Postal services will not contact you via text. Don’t fall for it!
Fraudulent Websites
While it may seem unlikely that you could end up on a fake website to purchase one of your favorite products, it’s actually extremely common. Hackers use pop-up advertisements and other methods to draw you to illegitimate websites that look just like the real thing. Always be sure to double-check the URL before you submit payment details or other personal information.
Account Takeovers
As frustrating as it is, e-commerce websites aren’t usually as secure as they should be. Without proper protections, the very place where you do your shopping could be compromised. Let’s say you have an Old Navy online account and a hacker is able to get your credentials to that account. They can then steal your payment information, submit fraudulent orders, and more.
E-Skimming
When you get to the final step of making a purchase, hackers can corrupt the payment page and steal your credit card information as you type it in. This method is especially damaging because it can be hard to know that it’s happening until your payment details are used to make large purchases down the line.
4 Tips for Staying Safe
Protecting yourself from the true Scrooges of Christmas doesn’t have to be hard. With a few key precautions, you can make it through the holidays unscathed—unless that one uncle decides to start a debate at the dinner table.
1. Use credit cards for purchases. When buying items online, opt to pay with a credit card instead of a debit card. Usually, credit card companies have more robust consumer protections for fraud and are a bit easier to work with if you’re trying to recover stolen funds. Be sure to monitor your transactions regularly. If anything shows up that you don’t remember purchasing, call the credit card company immediately.
2. Create strong passwords and change them regularly! People who re-use passwords for multiple accounts are much more likely to fall victim to cyberattacks. Be sure to create unique passwords for every new account you create and update them regularly. That password that you’ve been using for 10 years? Retire it.
3. Ensure you’re on trusted websites. If you’re making a purchase from a website you’ve never seen, you might want to reconsider. Instead, try to shop on trusted sites that you’ve loved for years. Even if it’s a site you know and love, be sure to verify the website URL before making any purchases.
4. Take extra precautions. While it’s easy to romanticize sitting at a café and sipping a peppermint mocha while you do your online shopping, using public Wi-Fi networks opens you up to hackers. If possible, use your home network and use a VPN for extra protection.
Combatting Technology Risks With Technology
At Nesbit Agencies, it’s our job to make sure that our clients can move through every season of life in the safest way possible. As the weather gets colder and the comfort food gets warmer—we’re looking at you, mashed potatoes—take a few extra steps to make sure your personal and business assets are protected. AI-powered cyberattacks are one of the fastest ways to lose all sense of the holiday joy that only comes once a year. Don’t let hackers steal that from you either.
While hackers are using AI to make their attacks as detrimental as possible, the team at Nesbit is using AI to offer the right protections to our clients. By “fighting fire with fire,” we can quickly detect fraudulent activities, offer 24/7 support, and keep your personal data safeguarded.
