Along with the good cheer and gifts that are hallmarks of the holiday season comes a much less welcome phenomenon: phishing attacks. The vast majority, well over 90 percent, are conducted through a company’s email system. During that high-traffic time between Thanksgiving and Christmas, criminals capitalize on the increase in shopping and selling by sending malware-ridden file attachments and links that can ultimately sabotage your systems and the data you store and transmit.
Fortunately, you are not powerless against phishing attacks. Take the following actions to minimize your organizational risk:
- Be sure that you have turned on all anti-malware settings in programs such as Microsoft 365.
- Remove suspected phishing emails before they become a problem through anti-phishing email filter software.
- Use a DNS filter to separate the internet from your browser. It acts as a buffer that checks any URL typed into your browser against an extensive database of known malicious websites.
Despite your best efforts at cybersecurity, you should remain vigilant about the most common phishing scams. The following look to be especially popular with the criminal element this year:
- Fake charity donation requests. Scammers use a well-known logo or charity name to trick users into sending donations or divulging credit card information.
- Bogus email order receipts. Scammers send fake receipts that look like a natural order was submitted to Amazon or other popular websites. When the user clicks on the link, malware enters your system.
The average phishing attack lasts 21 hours from the moment the first victim clicks on an attachment or link until the attack is detected and the last victim acts. While the incident is relatively brief, it can have a profound effect on your systems, data, and reputation. Consequently, it is more important than ever to create a culture of cybersecurity awareness and accountability among all members of your organization at every level.
