Shopping Safely Online During Black Friday

Uploaded on 2022-11-21 in TECHNOLOGY--Resilience, FREE TO VIEW

Leading security awareness solution supplier, CyberReady has announced five easy security tips to help holiday shoppers safely navigate Black Friday and Christmas as holiday sales put employee data and corporate networks at risk. 

Coinciding with Black Friday, the  CyberReady is also releasing its enhanced CISO Toolkit to provide free tools with guidance on safe online shopping to help CISOs defend employee desktops, laptops, mobile devices and corporate networks.

According to the FBI, “Every year, thousands of people become victims of holiday scams. Scammers can rob you of hard-earned money, personal information, and, at the very least, a festive mood.” Shopping scams are notoriously active during Black Friday and Cyber Monday as millions of shoppers use their PC, laptop, or mobile device to search for deals and make purchases. This presents a considerable risk to organisations with a large number of employees working remotely

Black Friday and Cyber Monday phishing emails tend to showcase amazing deals. These offers typically use emotional tactics to lure consumers into clicking offers that don’t really exist. 

  • Advertising lures the user to enter a fake website and provide credit card information. 
  • Payment traps force the user to submit their credit card information rather than using a digital wallet or payment service, allowing the capture of this sensitive payment information. 
  • Other factors weaken the buyer’s judgement, making the situation even more dangerous as limited-time deals make it difficult to dig into the details, and unknown senders frequently text and email the buyer, adding to the distraction.

Consequently, when this busy shopping season arrives, it is critical to be aware of the increasing risks to personal finances and employer networks.

Now, CybeReady is offering the following guidelines to help reduce the chance of a scam or other sinister attack achieving success:

Before Shopping: 

  1. Always enter the URL for a merchant’s website yourself. Do not use a link from an ad or email. Use the brand’s official shopping application on your smartphone.

While Shopping: 

  1. Check for the lock symbol next to a website’s URL to ensure it is a secure site.
  2. Use a third-party payment method that does not transmit credit card information to the seller (like PayPal or Venmo) or use a disposable card.

After Shopping: 

  1. Visit the merchant’s website to see sales updates. Do not click links in emails or texts claiming to provide order updates. 
  2. Keep an eye on your financial account for any unexpected transactions.

Because some employees will inevitably use their corporate connected PCs, laptops and mobile devices to take advantage of short-term shopping specials, CISOs are also advised to implement additional safeguards.

To assist security leaders, CybeReady is releasing its enhanced CISO Toolkit which provides complimentary tools to help communicate relevant security information to employees, quickly and effectively. The enhanced toolkit provides an overview of security guidelines, policies and tips, offering easy-to-understand information to help avoid cybersecurity traps with guidance on:

  • Holiday Shopping Security
  • Zoom Security
  • Online Privacy 
  •  Password Security 
  • Fake News and Rumours
  • Remote Work
  • COVID-19-related Phishing Emails
  • Security in Times of Crisis
  • Sextortion - what employees need to know
  • Tips for Worry-Free Vacations

Acording to CyberReady's CEO, Eitan Fogel “It is important to realize how good deals for employees can become a bad ordeal for your organisation... During the Holiday Season employees may be easily distracted and hackers are very aware of this, resulting in a significant increase in cyber attacks as the holidays approach. In response, it must be an all-hands effort to ensure security is a top priority.”

 Download the free CISO Toolkit >> Here

You Might Also Read: 

The Hidden Costs Behind Black Friday Bargains:

 

« Detected - A Hard Matching Vulnerability Which Enables Azure AD Account Takeover
Four Reasons You Need RASP Security For Web Applications »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Aqua Security Software

Aqua Security Software

Aqua Security helps enterprises secure their cloud native applications from development to production, whether they run using containers, serverless, or virtual machines.

Bericon Forensics

Bericon Forensics

Bericon is one of the longest established forensic science consultancies in the UK. Activities include computer and mobile phone forensics.

Skkynet Cloud Systems

Skkynet Cloud Systems

Skkynet is a leader in real-time data systems for the secure management and control of industrial processes (SCADA) and embedded devices (M2M).

National Center for Manufacturing Sciences (NCMS)

National Center for Manufacturing Sciences (NCMS)

NCMS is a cross-industry technology development consortium, dedicated to improving the competitiveness of the US industrial base. Strategic initiatives include industrial cyber security.

Harel Mallac Technologies

Harel Mallac Technologies

Harel Mallac Technologies is a Mauritian organisation that has developed a strong network of ICT specialists with nodes across the African continent.

Sopher Networks

Sopher Networks

Sopher is a secure communication and collaboration platform for business and personal use.

XPO IT Services

XPO IT Services

XPO IT Services are dedicated to providing secure, high quality IT recycling and asset disposal services.

CYRISMA

CYRISMA

CYRISMA is a revolutionary cybersecurity platform that helps organizations manage risk without the usual headaches associated with enterprise cybersecurity tools.

OriginalMy

OriginalMy

OriginalMy is a cybersecurity startup, focussed on digital governance and information authentication. Its mission is to prove authenticity using state-of-the-art cryptography and blockchain technology

Wavex Technology

Wavex Technology

Wavex Technology is an award winning IT Services firm offering clients a secure and fully managed IT service.

Twingate

Twingate

Twingate help organizations secure and manage access to their technology resources in a world where people work from anywhere.

Etisalat

Etisalat

Etisalat Group is one of the world’s leading telecom groups in emerging markets.

Stryve

Stryve

Stryve is a leading carbon-neutral provider of specialist cloud and cybersecurity services in Europe.

Dutch Research Council (NWO)

Dutch Research Council (NWO)

The Dutch Research Council (NWO) is one of the most important science-funding bodies in the Netherlands and ensures quality and innovation in science.

Vector Choice Technologies

Vector Choice Technologies

Vector Choice Technology Solutions has a long standing reputation in cyber security consulting since 2008.

Astreya

Astreya

Astreya is the leading IT solutions provider for some of the world's most recognizable and innovative organizations.