Shopping Safely Online During Black Friday

Uploaded on 2022-11-21 in TECHNOLOGY--Resilience, FREE TO VIEW

Leading security awareness solution supplier, CyberReady has announced five easy security tips to help holiday shoppers safely navigate Black Friday and Christmas as holiday sales put employee data and corporate networks at risk. 

Coinciding with Black Friday, the  CyberReady is also releasing its enhanced CISO Toolkit to provide free tools with guidance on safe online shopping to help CISOs defend employee desktops, laptops, mobile devices and corporate networks.

According to the FBI, “Every year, thousands of people become victims of holiday scams. Scammers can rob you of hard-earned money, personal information, and, at the very least, a festive mood.” Shopping scams are notoriously active during Black Friday and Cyber Monday as millions of shoppers use their PC, laptop, or mobile device to search for deals and make purchases. This presents a considerable risk to organisations with a large number of employees working remotely

Black Friday and Cyber Monday phishing emails tend to showcase amazing deals. These offers typically use emotional tactics to lure consumers into clicking offers that don’t really exist. 

  • Advertising lures the user to enter a fake website and provide credit card information. 
  • Payment traps force the user to submit their credit card information rather than using a digital wallet or payment service, allowing the capture of this sensitive payment information. 
  • Other factors weaken the buyer’s judgement, making the situation even more dangerous as limited-time deals make it difficult to dig into the details, and unknown senders frequently text and email the buyer, adding to the distraction.

Consequently, when this busy shopping season arrives, it is critical to be aware of the increasing risks to personal finances and employer networks.

Now, CybeReady is offering the following guidelines to help reduce the chance of a scam or other sinister attack achieving success:

Before Shopping: 

  1. Always enter the URL for a merchant’s website yourself. Do not use a link from an ad or email. Use the brand’s official shopping application on your smartphone.

While Shopping: 

  1. Check for the lock symbol next to a website’s URL to ensure it is a secure site.
  2. Use a third-party payment method that does not transmit credit card information to the seller (like PayPal or Venmo) or use a disposable card.

After Shopping: 

  1. Visit the merchant’s website to see sales updates. Do not click links in emails or texts claiming to provide order updates. 
  2. Keep an eye on your financial account for any unexpected transactions.

Because some employees will inevitably use their corporate connected PCs, laptops and mobile devices to take advantage of short-term shopping specials, CISOs are also advised to implement additional safeguards.

To assist security leaders, CybeReady is releasing its enhanced CISO Toolkit which provides complimentary tools to help communicate relevant security information to employees, quickly and effectively. The enhanced toolkit provides an overview of security guidelines, policies and tips, offering easy-to-understand information to help avoid cybersecurity traps with guidance on:

  • Holiday Shopping Security
  • Zoom Security
  • Online Privacy 
  •  Password Security 
  • Fake News and Rumours
  • Remote Work
  • COVID-19-related Phishing Emails
  • Security in Times of Crisis
  • Sextortion - what employees need to know
  • Tips for Worry-Free Vacations

Acording to CyberReady's CEO, Eitan Fogel “It is important to realize how good deals for employees can become a bad ordeal for your organisation... During the Holiday Season employees may be easily distracted and hackers are very aware of this, resulting in a significant increase in cyber attacks as the holidays approach. In response, it must be an all-hands effort to ensure security is a top priority.”

 Download the free CISO Toolkit >> Here

You Might Also Read: 

The Hidden Costs Behind Black Friday Bargains:

 

« Detected - A Hard Matching Vulnerability Which Enables Azure AD Account Takeover
Four Reasons You Need RASP Security For Web Applications »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Civica

Civica

Civica provides cloud-based managed IT services, hosting and outsourcing.

tietoEVRY

tietoEVRY

TietoEVRY creates digital advantage for businesses and society. We are a leading digital services and software company with local presence and global capabilities.

KPN Security

KPN Security

KPN Security is the largest and most complete provider of IT security services in the Netherlands.

GreyCastle Security

GreyCastle Security

GreyCastle Security is a leading cybersecurity services provider dedicated exclusively to cybersecurity and the practical management of cybersecurity risks.

Syskode Technologies

Syskode Technologies

Sykode Technologies is a next-generation global technology company offering an integrated portfolio of advisory services, products and solutions in areas including AI, IoT and Cyber Security.

Zero Networks

Zero Networks

With Zero Network, you can achieve affordable, airtight network access security at scale.

Gorodissky IP Security

Gorodissky IP Security

Gorodissky IP Security is a comprehensive approach to protecting your intellectual property on the Internet and beyond.

Bionic

Bionic

Bionic is an agentless way to get control over your increasingly complex applications so you can manage, operate, and secure them faster and more efficiently.

Inpher

Inpher

Inpher has pioneered cryptographic Secret Computing® that enables advanced analytics and machine learning while keeping data private, secure, and distributed.

Bigbee Technology

Bigbee Technology

Bigbee Technology are an IT solutions company based in Dar es Salaam founded by a group of professionals from around the globe.

Componolit

Componolit

Componolit GmbH is a highly specialized company with a strong emphasis on trustworthy software, component-based systems and formal verification.

Redbot Security

Redbot Security

Redbot Security provides industry leading manual penetration testing. Protecting critical systems and data - red team attack and breach simulations, (OT) critical infrastructure testing.

Snare

Snare

Snare is a comprehensive set of event monitoring and analysis tools designed to address critical auditing and security requirements.

Hacker School

Hacker School

Hacker School offers technology motivated training programs that provide Cyber Security Certifications and Courses.

appNovi

appNovi

appNovi inventories everything to map the attack surface, identify missing security agents, and prioritize vulnerabilities based on exposure.

NopalCyber

NopalCyber

NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant.