The Holiday Season Means Phishing Season for Hackers
It’s that time of year again, the holiday season has arrived. Unfortunately, that means it’s also high season for hackers looking to leverage every ounce of holiday chaos to increase their chances of success when it comes to malware delivery, infiltration, virus infections, cyber espionage and theft. Time is of the essence when an organization is attacked, with every delay potentially compounding both the effectiveness of the attack, and the cost of remediation. Global Digital Forensics (GDF) will have emergency incident responders on call 24/7 throughout the holiday season to provide professional assistance and remediation expertise quickly, even on those days most cyber security solution providers are closed, like Thanksgiving, Christmas and New Year.
How do hackers take advantage of the holidays?
Hackers have always heavily relied on deception and misdirection to deliver an initial malware payload which they can then use to open the doors to systems and networks at will, and social engineering, or conning people, routinely plays a big part in making that happen. Phishing and spear phishing emails are a great example. They are a problem year round, disguised as notices requiring action that come from well-known and reputable organizations like Amazon, Paypal, banking institutions or any other organization that large swaths of the population are familiar with and use. But users stand a much better chance of spotting and dismissing them when they don’t make any sense, as they often don’t coincide with that user’s typical behavior. During the holidays though, unusual purchasing and online behavior is the norm. Multiple family members may be making undiscussed purchases with certain shared accounts, a user may not exactly remember the name of every website they visited to find that perfect gift, or because they have been making so many more purchases than they typically do throughout the year with credit and debit cards, the likelihood of identity theft can seem much more realistic, making those phishing emails about unusual account activity much harder to resist.
Helping hackers bait the hook - Social media, gifts and promotions
Thanks to the ever increasing willingness to “share everything” on social media, hackers can also use information users divulge to customize phishing and spear phishing emails for added effectiveness, like a user posting about the luck they had getting that last Playstation 4 from Best Buy and then getting a phishing email disguised to look like it’s from Best Buy about a purchase they made. Also be dubious about offers that seem too good to be true, the link about that $50 dollar iPad offer will most likely lead to a malicious site and an unwanted payload, but no iPad. Hackers will also use things like “friends lists” to send seasonal eGreetings that look like they come from trusted sources, only to deliver a malicious payload once the target opens it to view the contents. Infected USB sticks designed to look like promotions or gifts are also a hacker favorite, delivering their payload as soon as they are attached to a system by a user. So during the holidays it is more important than ever to stay vigilant and approach everything unexpected or unusual with a healthy degree of doubt. These 7 tips to prevent malware infections are a good rule of thumb to follow all year long, but especially during the holidays.
24/7 Cyber Emergency Incident Response
Businesses are especially vulnerable to cyber attacks during the holidays for all the same reasons mentioned above, but with the prevalence of BYOD (Bring Your Own Device) practices being employed by so many organizations, the possibility of crossover infections has also never been higher. Just one employee making a mistake is all it takes to open the doors of a business network to attackers. In the past that mistake would have had to happen at work, but today a personal system connecting to the company network, cloud computing, a USB stick used to share data, or even a mobile device like a smartphone or a tablet connecting through WiFi at work can be all it takes. Global Digital Forensics has handled emergency incident response for countless organizations in a wide variety of industries.
Time matters when responding to a cyber emergency.
With just one toll free call (1-800-868-8189), GDF can get the response and remediation process started any time of the day or night, even weekends and holidays. With a network of emergency responders strategically positioned nationwide and across the globe, GDF’s response times are unrivaled in the industry. In most cases, GDF can even start the process remotely, employing powerful tools like the new Data Breach Response Toolkit (DBRT) to identify, stop, and remediate the threat, and when it comes to data breaches and other cyber attacks, every second counts. GDF has the proven experience in highly regulated industries as well, so regulatory compliance issues, notification headaches and all the documentation needed to satisfy controllers and anxious clients and/or investors will all be handled the right way, significantly reducing the costs and aftermath of any successful intrusion or attack. So if this joyous holiday season hits a cyber snag, don’t hesitate to call right away, expert responders are standing by.