Cyber Monday – Protect Yourself

Looking forward to Cyber Monday?  So are the cyber-crooks.  Distracted shoppers willing to click on any ad or link provide ample opportunity to spread the holiday cheer of ransomware, malvertising, and all sorts of attacks.  Make no mistake, they are preying on you.  Fraud losses are expected over $22 billion.   This comes from too-good-to-be-true ad’s and emails.  Infected games and apps.  Phishing emails and CEO typosquatting.

Tips to protect yourself:

 

1. Emails. 

#1 way to get infected is a bad email.   Misleading link or attachment.  A reputable company will never ask in an email for personally identifiable information such as a Social Security number, a credit card, bank account, etc.

Treat every email like a knock at your door at 2:00 AM.

 

2. Texting.

Like emails, bad links can be just as damaging via text message.   Again, scrutinize every message.   Texts can be easily spoofed to show coming from a friend, claiming they are asking you to download some amazing app or game.  Don’t fall victim.

 

3. Shopping.

Checkout as a guest whenever possible.  Never use your company email account for any online shopping page.   Never use your company / email or banking password for any other website.

Avoid linking your bank or credit card to facebook.  If you do link a bank to social media, know that your financial security is only as good as your social media password.

 

4. Apps.

Google recently removed 100 apps infected with malware.  Some have been downloaded over 500,000 times.  Most these apps have some functional purpose.  You may not even realize they came with a secret gift to silently track your phone habits, your phone contacts, your email and banking sites.

 

5. Passwords.

The single best offensive protection you can do, is secure your password.  This means not using the same password for personal, financial and business.   Sure you should have a separate password for everything, but for most that’s not going to happen.   Do at least 4.   Company computer / email Personal email, Financial sites, lastly one for all those online accounts that require a password.   But the more separation the better.

Treat your passwords like your underwear, change them often and don’t share.

 

6. Company computer.

Most my clients have clear policies about using company computers for personal use.  Beyond that, know that you are the quickest way to prevent or allow an infection.  Don’t click that link.   Unless trusted, call or reply for validation.

Best not to shop via company computers or company networks.  Especially do not shop from remote servers, thin client, counter or store terminals, central station style computers and the like.

 

Might seem like one sweet deal, but one click can cause $1,000’s in downtime and hours or days of business impact.   Not to mention the untold embarrassment and outright pain of being the victim or distributor of spam emails or texts.

 

Happy shopping (from personal device) and happy (safe) deal hunting 🙂

 

Nathan DeSutter
IT Consultant