Shopping Safely Online During Black Friday

Leading security awareness solution supplier, CyberReady has announced five easy security tips to help holiday shoppers safely navigate Black Friday and Christmas as holiday sales put employee data and corporate networks at risk. 

Coinciding with Black Friday, the  CyberReady is also releasing its enhanced CISO Toolkit to provide free tools with guidance on safe online shopping to help CISOs defend employee desktops, laptops, mobile devices and corporate networks.

According to the FBI, “Every year, thousands of people become victims of holiday scams. Scammers can rob you of hard-earned money, personal information, and, at the very least, a festive mood.” Shopping scams are notoriously active during Black Friday and Cyber Monday as millions of shoppers use their PC, laptop, or mobile device to search for deals and make purchases. This presents a considerable risk to organisations with a large number of employees working remotely

Black Friday and Cyber Monday phishing emails tend to showcase amazing deals. These offers typically use emotional tactics to lure consumers into clicking offers that don’t really exist. 

  • Advertising lures the user to enter a fake website and provide credit card information. 
  • Payment traps force the user to submit their credit card information rather than using a digital wallet or payment service, allowing the capture of this sensitive payment information. 
  • Other factors weaken the buyer’s judgement, making the situation even more dangerous as limited-time deals make it difficult to dig into the details, and unknown senders frequently text and email the buyer, adding to the distraction.

Consequently, when this busy shopping season arrives, it is critical to be aware of the increasing risks to personal finances and employer networks.

Now, CybeReady is offering the following guidelines to help reduce the chance of a scam or other sinister attack achieving success:

Before Shopping: 

  1. Always enter the URL for a merchant’s website yourself. Do not use a link from an ad or email. Use the brand’s official shopping application on your smartphone.

While Shopping: 

  1. Check for the lock symbol next to a website’s URL to ensure it is a secure site.
  2. Use a third-party payment method that does not transmit credit card information to the seller (like PayPal or Venmo) or use a disposable card.

After Shopping: 

  1. Visit the merchant’s website to see sales updates. Do not click links in emails or texts claiming to provide order updates. 
  2. Keep an eye on your financial account for any unexpected transactions.

Because some employees will inevitably use their corporate connected PCs, laptops and mobile devices to take advantage of short-term shopping specials, CISOs are also advised to implement additional safeguards.

To assist security leaders, CybeReady is releasing its enhanced CISO Toolkit which provides complimentary tools to help communicate relevant security information to employees, quickly and effectively. The enhanced toolkit provides an overview of security guidelines, policies and tips, offering easy-to-understand information to help avoid cybersecurity traps with guidance on:

  • Holiday Shopping Security
  • Zoom Security
  • Online Privacy 
  •  Password Security 
  • Fake News and Rumours
  • Remote Work
  • COVID-19-related Phishing Emails
  • Security in Times of Crisis
  • Sextortion - what employees need to know
  • Tips for Worry-Free Vacations

Acording to CyberReady's CEO, Eitan Fogel “It is important to realize how good deals for employees can become a bad ordeal for your organisation... During the Holiday Season employees may be easily distracted and hackers are very aware of this, resulting in a significant increase in cyber attacks as the holidays approach. In response, it must be an all-hands effort to ensure security is a top priority.”

 Download the free CISO Toolkit >> Here

You Might Also Read: 

The Hidden Costs Behind Black Friday Bargains:

 

« Detected - A Hard Matching Vulnerability Which Enables Azure AD Account Takeover
Four Reasons You Need RASP Security For Web Applications »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

SealPath

SealPath

SealPath enables companies to protect and control their documents wherever they are: In their PC, in their corporate network, on a partner’s network, in the cloud.

CionSystems

CionSystems

CionSystems provides identity, access and authentication solutions to improve security and streamline IT infrastructure management.

Global Station for Big Data & Cybersecurity (GSB)

Global Station for Big Data & Cybersecurity (GSB)

GSB is an interdisciplinary research hub to cover big data, information networks, and cybersecurity.

ICS2

ICS2

ICS² is the first cyber security company focusing on protecting the control system of power, oil, gas, and petrochemicals plants.

Enosys Solutions

Enosys Solutions

Enosys Solutions is an IT security specialist with a skilled professional services team and 24x7 security operations centre servicing corporate and public sector organisations across Australia.

BELAC

BELAC

BELAC is the national accreditation body for Belgium.

CyberFortress

CyberFortress

CyberFortress is an insuretech startup offering a new kind of online business interruption policy designed for small business.

Raqmiyat

Raqmiyat

Raqmiyat provides end-to-end IT Services and business solutions including consultancy, digital transformation, infrastructure and cybersecurity.

Fudo Security

Fudo Security

Fudo Security is a leading provider of privileged access management and privileged session monitoring solutions.

HancomWITH

HancomWITH

Hancomwith is an information security company. We provide optimized blockchain solutions in areas including next-generation authentication, security and digital asset transaction.

Deduce

Deduce

Deduce use a combination of aggregate historical user data, identity risk intelligence, and proactive alerting to deliver a robust identity and authentication solution.

Graylog

Graylog

Graylog provides answers to your team’s security, application, and IT infrastructure questions by enabling you to combine, enrich, correlate, query, and visualize all your log data in one place.

Talion

Talion

Talion aim to reduce the complexity involved in securing your organisation and to give security teams unrivalled visibility into their security operations, so they can make optimal decisions, fast.

Iolo

Iolo

Iolo develops patented technology and award-winning software that repairs, optimizes, and protects computers, to maximize system speed and performance while keeping them safe.

IONIX

IONIX

IONIX is the attack surface management solution that uses Connective Intelligence to shine a spotlight on exploitable risks across your real attack surface and its digital supply chain.

ABPSecurite

ABPSecurite

ABPSecurite is a leading value-added distributor and a network performance solutions provider.