The best line of defense against holiday hacking schemes is a comprehensive incident response strategy that focuses on end-user vulnerabilities.
The holiday season is upon us and with it a slew of cybersecurity scams preying on end-user vulnerabilities.
Because employees often use their business emails and cell phones as their primary point of contact, these scams quickly become a threat to employer computer systems. With so many people shopping online, tracking shipments, and entering sensitive data across multiple websites, holiday hackers are primed and ready to attack your networks by taking advantage of your employees’ online actions and cell phone usage.
According to the FBI, the two most frequent types of holiday scams include non-delivery and non-payment crimes – when a consumer either pays for a product or service that is never delivered or products being shipped without the seller receiving payment. Cybercriminals are also keen on gift card fraud and auction fraud, as well as phishing attempts over email or text messages that disguise malicious links as purchasing confirmations, order tracking information, or shipment notifications.
This time of year especially, cyber criminals are relying on people being too distracted to realize that they have clicked on a malware link or entered their login credential on a fraudulent website.
The heightened number of cybersecurity threats around the holidays underscore just how important it is to have a comprehensive incident response (IR) strategy in place, protecting both your employees and your company’s digital infrastructure.
Building an Incident Response Strategy for the Holidays
A thorough incident response plan – which is essentially the cybersecurity policies and procedures used to identify, contain and eliminate attacks – is critical to business operations throughout the year. But because the holidays come with a unique set of cybersecurity threats, it is worth revisiting your plan to make sure it is “prepped” for the holiday season.
According to the SANS Institute, a comprehensive IR strategy is centered on six core objectives: preparation, identification, containment, eradication, recovery and lessons learned….