Yesterday marked the peak of the holiday season surge in cyberattacks. Cyber Monday typically results in huge amounts of phishing attacks on consumers and businesses everywhere. A 2017 study by Carbon Black found a 57.5% increase in cyberattacks during the holiday season, compared to 20.5% in 2016. This trend will continue as more and more consumers shop online instead of at traditional stores. Hackers will even employ sneaky tactics like targeting vacationing employees with discount hotels. Just brutal.
Consumers fall for these attacks due to a number of reasons. Retailers send deals for Black Friday and Cyber Monday all at once and consumers let their guard down due to the sheer volume of emails. While a majority of them are legitimate, if an email boasts a deal that is too good to be true, someone might want to jump on it and end up losing their system as a result.
Businesses are also at a much higher risk for phishing during the holiday sale rush. They will experience a spike in emails for customer service and can become numb to opening them. One trick that hackers use is to pose as a disgruntled customer without many technical skills. They will send their “information” in a Word attachment and customer service reps will open it so they can help. Once the hackers are inside an organization, they can impersonate the employee and get access to pretty much whatever they want. Even if the proper access controls are in place, that employee’s files are still compromised. Often times these attacks are targeted and well planned out so that the right accounts are hacked. After gaining access, hackers phish other employees with the false credentials until they have free reign over the company’s data. At this point it’s far too late to do anything about the attack. This scenario is far from ideal but unfortunately is very common.
SecureCircle can’t protect from account credentials being compromised by a phishing attack. Employees must know the signs to stop themselves from becoming the next victim. However, SecureCircle CAN stop your files from being read by the hackers. The hackers would need physical access to your device to be able to read the files you have access to. The most you’ll have to do after a phishing attack is change your passwords. Security doesn’t have to be complicated to get the job done.