Cybersecurity reminders this Cyber Monday
– a press release
“Don’t fall for deals that are too good to be true…maintain a healthy skepticism when you see special offers in email or social media.”
For Immediate Release – November 26, 2018
Muncie, Ind. – During this busy online shopping season, it is a good time to be reminded of the security threats capable of compromising your network and data. InfoSecBuzz asked a number of security experts for their advice on avoiding current security threats. Here is a quick summary of the Top 10 current threats for users and the Top 5 for IT pros, with a link to the full article at the end.
TOP 10 SECURITY THREATS FOR USERS
1. Today, phishing scams are skyrocketing, especially driven by deals and rebate offers. Don’t open any attachments or click on links appearing to be from trusted vendors you shop with. Go directly to the website of the vendor looking for the sales and deals.
2. Do not use ATM/debit cards online, only use credit cards and think about a voluntary limit, or at least a text when a purchase gets made.
3. Delivery- and non-delivery scams. Watch out for emails that confirm shipments or that try to scan you with shipment problems.
4. Don’t fall for deals that are too good to be true on Black Friday weekend and Cyber Monday. Increase your security awareness levels, and maintain a healthy skepticism when you see special offers in email or social media.
5. Watch out for fake discount coupons, and fake “game codes”, that are nothing but a nonsense string of letters and numbers.
6. Keep an eye out for online credit card collection imposters. You might stress out because of your high credit card bills, and bad guys are sending emails that claim to be from the credit card company claiming your account is overdue and is subject to being shut down unless you make a payment immediately. You may be tricked in giving away your credit card information.
7. Holiday Ransomware: You should understand that information—e.g. order confirmation emails— on your computers increase in value over the holiday season, and that means that you are more likely panic and pay ransom if ransomware strikes.
8. Be very wary when you get an inbound phone call, never give out any personal information if you did not initiate the call yourself.
9. Avoid downloading anything from questionable websites. Disable popups on your devices by using trusted, reliable popup blockers.
10. If you suspect that you may have entered your credit card data into a fake website after all, immediately call your credit card company and cancel your card. Then change your passwords and pin-codes for your online banking sites. Use strong passwords and never use the same password for several websites or services, because if one is stolen, all of your accounts will be put at risk. To create strong passwords without having to remember them, use a password manager.
TOP 5 SECURITY THREATS FOR IT PROS
1. Make sure your e-commerce website is not infected with a digital credit card skimmer. The Magecart malware is causing massive damage at the moment.
2. Make sure your certs (or domain) have not expired, and that encryption is turned on by default. More importantly, check if there are any “evil twin” look-alike domains that the bad guys use to spoof your domain. Do that here.
3. Monitor regular customers and the devices they normally use for purchases. If an alternative device is used, you can challenge the transaction with additional checks.
4. Gather enough transactional data, and therefore evidence, to prove the fraudulent nature of a transaction, or its validity in the case of ‘friendly fraud’. Tactics such as using e-signatures or voice verification can help keep high-value transactions secure.
5. It’s vital to be able to detect new accounts that have been opened on an online retail store that may be used for fraud purposes. This information can be hooked into shared real-time fraud databases to cross-reference known fraud data such as flagged delivery addresses and mobile numbers, as well as highlighting inconsistencies in sales transactions.
Here is theto the full article. Stay safe out there!
Deltec offers a complimentary user vulnerability review.
About Deltec Solutions
Deltec Solutions is a Muncie-based business specializing in strategic Information Technology solutions for organizations. As a trusted technology partner for small and mid-size organizations since 1990, Deltec Solutions consults with clients about their technology needs, including: IT network consulting and planning, cybersecurity and business continuity planning, off-site desktop support, and cybersecurity awareness training.
Scott Jordan, Founder and CTO
email@example.com | 765-587-5101