Holiday Phishing Can Pose Real Threat To Business Networks

Holiday phishing attacks can be the unwanted gifts that keep on giving

The chaos surrounding the holidays can add effective cover for cybercriminals looking to do some holiday phishing, and as the lines between home and business computing continue to intertwine, this can prove costly for businesses both short and long term. The head of Global Digital Forensics offers some industry insight into how hackers can leverage the holidays to their advantage and some things businesses should consider during the holiday season for a stronger cyber security posture.

In an article published on Tuesday, November 25th, USA Today reported that an analysis performed by IBM apparently concluded that there was no significant increase in cyber attacks against small and medium sized businesses during the holiday months. But, “there may be more at play under the surface than a looking at attack numbers during these months can gauge,” says Joe Caruso, the founder and CEO/CTO of Global Digital Forensics (GDF), a premier national provider of cyber security solutions headquartered in New York City, "and businesses need to keep their vigilance focused accordingly.”

“Network compromises are typically not smash-and-grab type incidents in today’s digital world, they tend to longer term operations which see hackers maintain a prolonged presence on the network to attain their goals, which can be everything from cyber espionage and data ex-filtration campaigns to malware infections and other destructive actions,” says Caruso. “The exception to the rule would probably be the growing threat of ransomware attacks we’ve seen over the last year, where hackers encrypt large blocks of data and then hold the decryption key as ransom for payment before there is any hope of getting it back; they typically like to get in and out as fast as possible so they can get the collection phase started right away. So by extension, any successful holiday phishing or spear campaign is not likely to show up “on the books” until weeks or months down the road. It may also take some time to filter between home systems and company networks, which is one of the biggest dangers holiday phishing scams pose to both individuals and businesses alike.”

Phishing relies on gaining user trust

“What makes the holiday season so attractive to phishers and spear phishers is the irregular user behavior that is so prevalent during this time of year. Not only can a phishing email come in the guise of a communication from a retailer, bank, or parcel service, counting on all the out-of-the-ordinary purchases that are typically made this time of year to add to their air of legitimacy, which will basically tempt users to click on links or download attachments against the better judgment they normally exercise just to see what the heck it is about since they don’t remember it, but hackers can also use ploys like spoofing email headers to make it look like holiday greetings from friends, relatives and acquaintances. If a friend or relative gets compromised and their contact list is exploited, the familiarity can certainly make them a lot harder to identify as fraudulent, and the daisy-chain can really get some mileage stemming from just one successful breach this way as well. And then of course are all the charity scams that pop up this time of year, relying on good will and holiday spirit to bait the hook. One click on one email is all it takes, and from there the problem grows legs, legs that can run all the way to a business network and get hackers in the door to pose all kinds of potential long-term problems.”

Seasonal workers can also significantly raise the difficulty for IT security professionals over the holidays

“Temporary employees not up to speed on cyber security policies and procedures can also pose a significant threat,” warns Caruso, “so making sure their cyber responsibilities are covered right at the beginning is very important. They may not be part of an organization’s yearlong force, but one slip up from their ranks can easily give a business headaches long after they’re gone.”

Awareness and incident response are critical bases to keep covered

“Phishing relies on human mistakes, not technology, so the number one way to combat this particularly effective form of social engineering is to raise awareness enterprise-wide. We make social engineering a strong focal point during our vulnerability assessments and penetration testing services for this very reason. The more we can drag the problem into the light, the better chance an organization has to stop the number one entry vector for cyber criminals and significantly reduce the threat of network compromises. But by our very nature, human beings have never been perfect, so having effective emergency incident response plans in place to respond immediately if the unthinkable happens is paramount. We have a network of experienced emergency responders ready to answer the bell quickly, and we’ll have responders on call 24-7 throughout the holiday season. Time is your enemy after a cyber breach or incident, so every second counts. The faster the problem is identified and eradicated, the less costly it will be in the long run for the entire organization. So don’t hesitate, if you experience a cyber incident, pick up the phone and get proven cyber security professionals on the job right away, otherwise the chances the aftermath will be far more severe and costly rise exponentially.”

The professionals you can trust to get the job done right

*Global Digital Forensics is a recognized industry leader in the fields of computer forensics, cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a cost-effective plan which will meet your unique needs, without wasting resources on solutions you simply don’t need. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so don’t hesitate to get help. For more information, visit our cyber security page.