Everyone loves a holiday, right? Well, that goes double for scammers. Now, they are preparing for one, major day of the shopping calendar: Black Friday, but not prepare for Black Friday Phishing Scams.
Black Friday and Cyber Monday are responsible for billions of dollars of concentrated spending online and in-store. Last year Americans spent $5 billion in 24 hours on Black Friday alone. No wonder Black Friday is also the biggest holiday for phishing scams! With everyone on the hunt for irresistible bargains, what better way to convince someone to click on a malicious link than, “Here’s a Black Friday deal you don’t want to miss!”
In years past, phishers have used fake 80% off deals, spoofed websites, and offers of free gift cards and iPhones to collect names, addresses, passwords, online credentials, and even credit card numbers.
Here are a few tips to avoid losing money this month:
Hover over URL links and triple-check their destinations (e.g. www.google.com NOT www.g00gle.com)
Be wary of “enable content” on any downloaded documents. Office macros are a classic malware tactic by spammers to execute malicious applications on the victim computer.
Look for httpS in the upper left hand corner of a webpage and avoid http sites at all costs. ‘S’ means secure!
Stay safe, savvy shoppers!
Living Security was founded out of personal experience with the problem as a practitioner combined with a passion for solving problems with large impact and opportunity. Our team is comprised industry experts, SME’s and fun, passionate people that are just a little crazy – hey, we did join a startup! We are all here to build something great – will you join us? It’s an incredible journey! At Living Security, we reduce the cybersecurity risk for enterprises, human error, through engaging and impactful security awareness training that is brought to life by innovative tech enabled experiences.
A note from our CEO, Ashley Rose, on the Living Security Whitepaper:
"If you’ve spent any time around the cybersecurity community, it’s astounding to see the technological advancements and sheer number of solutions that are being offered to help companies reduce cyber risk and the devastating effects of breaches.
While I believe these technical solutions and controls that are put in place at an organization are critical to the offensive and defensive strategies of combating cyber attacks, they can’t beat the cost of ignoring one of the largest areas of misunderstanding and greatest opportunities for enhanced defense — the human.
We saw this year the financial motivations of cyber criminals and the use of social engineering, stolen PII and credentials, insider threats and misconfigured databases as some of the top risks in industries like IT, healthcare, professional and education.
Without a shift in priority and executive support of awareness programs that advance beyond compliance, these threats will continue to predominate.
A focus on maturing a security awareness training program means understanding what and how to drive behavior change at scale, intelligence into what threats present the greatest risk and producing insight through metric-driven feedback loops to consistently fine-tune and enhance each program.
You’ll see in this whitepaper how human-centered design and science-based applications like gamification and positive reinforcement are key to engaging and inspiring people as well as reinforcing concepts within a successful training program.
You will gain insight into the importance of a strong security culture and how to uncover the cultural fabric of each organization, and much more.
I’d like to thank my team, our advisors and the other subject matter experts involved for their passion for people and hard work in developing this whitepaper.
We look forward to continuing to be a part of and contributing to impactful and human-centered solutions to this industry, and partnering with other providers to create a holistic and comprehensive defense for organizations around the world."