Don’t do this! Cybersecurity tips

Dec 21, 2021

Electronic scams — including those propagated by email or websites — can cause major headaches (or worse) for companies and individuals. Especially during the holidays, there seems to be an uptick in scammers attempting to prey on the increase of online payments.

For businesses, getting an electronic virus or accidentally sending sensitive information to a scammer can present problems not only for an employee whose computer is infected, but the firm’s entire network. However, there are good, common sense solutions your firm can employ to help avoid phishing, viruses, and scams seeking to defraud you or do damage to your computer and/or network.

Smart cybersecurity practices

Here are some good tips that are smart to follow — not just during the holidays — but year-round:

  • Avoid suspicious links
    Don’t click suspicious links or attachments in emails, on websites, or on social media. Phishing scams and similar hacks get you to click on links and give up personal information like your name, password, and bank account number. In some cases, malware can also be downloaded to your device.
  • Account information updates
    Be wary if you receive an email asking you to update your password or account information. Look up the company’s phone number on your own and call the company.
  • Know who you’re buying from
    Check the website’s URL to ensure it’s legitimate and secure. While not guaranteeing trustworthiness, it’s better to conduct transactions on websites with “https” in the web address rather than just http. If the URL lacks that extra s, that’s a red flag in terms of entering your information on that site.
  • Monitor the shipping process
    Always get tracking numbers for items purchased online, to follow the delivery process.

Preying on holiday euphoria

It’s good to keep emotions in check when making online purchases, especially during the holidays. One can be affected by a little holiday giddiness and a desire for instant gratification. What begins as good intentions and being in the giving spirit can lead to ignoring best practices of cybersecurity — including your visiting sketchy websites promoting outrageous deals in hopes of finding a discount. Before you know it, you’ve compromised your computer by clicking on links that open the door to viruses, malware or worse — all because of some spiked eggnog at the company holiday party and wanting to find that right sweater online for Uncle Fred!

Hackers are aware of these human weaknesses and seek to exploit them. For instance, assume hackers are aware of current frustrations with the supply chain and are seeking to exploit a sense of urgency that’s crept into ordering online. If you find yourself feverishly seeking to procure items that have become less easy to acquire, take a breath. If being in a rush leads you to click on a dangerous link in a phishing email or enter your credit card information on a site making unrealistic delivery promises, the hackers win!

In addition, many of us are making more online purchases than usual this time of year, and that can embolden criminals, as a long list of charges on credit card statements make it easier for fake or increased charges to not be spotted.

Remember that security is a mindset — not a product. Create layers of safety around your actions online, like an onion. It’s best to simply slow down and carefully consider every online purchase, and every link embedded in an email. For instance, when you see an outrageously well-priced item for sale — “Today only!!” — take the time to call the company to see if the outreach is legitimate.

It’s like your grandma may have said: If it seems too good to be true, it probably is.

Simple tips to avoid cybercrimes

  • Update
    Keep operating systems and software updated — and have good antivirus software on your computer. Use a VPN (Virtual Private Network) when working offsite — especially when banking — to increase security
  • Don’t get “phished”
    Be on the lookout for phishing emails, which often present an urgent need for you to provide sensitive information (or purchase an item) that legitimate organizations wouldn’t require via an email
  • Update passwords
    Protect your passwords and update them frequently — and use two-factor authentication for your most sensitive information, such as bank and credit-card logins
  • Research
    Do a little research before entering a credit card number or other sensitive info on a website — visit a site by entering its URL instead of clicking a potentially problematic link
  • A little due diligence
    Before entering personal information on a website, check to see if there’s an https in the URL rather than just http; the extra s indicates a secure protocol for transmitting sensitive information is being used. It doesn’t guarantee a site can be trusted, but its absence is a big red flag.
  • Report mistakes
    If you think you made a mistake clicking an improper email or website link at work, report that to your IT team ASAP.

Download Our Conversation Guide to Cyber Risk Discussions

Fill out my online form.

Download Our Suddenly CISO Handbook

Fill out my online form.