As we approach the biggest shopping season of the year, please take a moment to remind your staff, employees, and co-workers of the possibility of Black Friday scams. As noted by our partners at KnowBe4, criminals are well-aware that shoppers are hungry for discounts—which, unfortunately, may be little more than a cheap attempt to steal credentials.
Research from Tessian reports that up to 30% of people surveyed received some type of scam email related to Black Friday in 2020. If trends hold true, that number could increase this year. Black Friday scams can take many forms, to include:
- “Too good to be true” deals
- Courier impersonation
- Internal communications related to holiday bonuses, days off, or parties
- Social media marketplace links
- Well-known retail company impersonation websites
- and many others
These are often distributed by email but can also take the forms of texts or phone calls. We recommend employing your Human Firewall cybersecurity training to combat these Black Friday scams…always verify! Some common techniques and advice to remember:
- If it seems too good to be true, it probably is. Use common sense.
- On a PC, use the mouse to move your cursor over a link before clicking. Inspect the link for misspelled URLs, like wallmart.com or amaz0n.com. (Keep in mind this often cannot be done on a mobile device.)
- If the link leads to an unfamiliar URL name, do not click. Type the website name into a browser or search engine—if the deal is real, it will likely be plastered all over the store’s webpage.
- Avoid clicking links in texts. Use the above technique to navigate to the proper, known website via your browser.
- All machines used to access work data should be protected by updated, working antivirus. (Ideally, these are managed by a reputable IT firm or the IT department of the company.)
- Computers used to access work data should have supported operating systems. Windows 7 or older and macOS versions 10.14 “Mojave” and older are no longer officially supported operating systems.
- Keep mobile phone operating systems updated.
- Keep data backed up at regular, frequent intervals.
- Use multifactor authentication whenever possible.
If you’re like a majority of business owners, decision-makers, or influencers and are not 100% confident that your staff will be able to identify and avoid Black Friday scams, phishing schemes, and other security threats, there are several ways to get prepared. These include Duo MFA, KnowBe4 training, and Managed IT Security Services. Give us a call or CONTACT US and our security specialists can get you headed in the right direction!