December 12, 2017
The festive season is in full swing... and so are information thieves.
Whether these criminals are prowling around online or in person, it’s an especially vulnerable time because employees are often distracted by holiday shopping and seasonal activities.
Here’s a guide to where confidential information is at risk and how to protect it.
ONLINE SHOPPING: E-retail sales worldwide keep going up. Statista.ca reported that they accounted for 8.7% of all retail sales in 2016 and will almost double by 2021. Watch out: Criminals disguise attacks as ‘amazing’ offers in scam emails and fake ads to trick people into providing personal details. Financial Fraud Action UK (FFA UK) reported that 31% of online shoppers are more likely to take a financial risk if an online retailer offers them a bargain.
SHOPPING BY SMART PHONE: The use of smart phones for purchasing and doing online banking has definitely increased. Watch out: Cyber criminals are increasingly targeting mobile device users with scams and apps. Tactics such as one-click buying make purchases easier.
HOME WORK: Vacationing employees often take work home. Watch out: During the festive season, there’s a tendency to be careless and rushed. For example, instead of being selective about information to take home, entire documents are downloaded.
TRAVEL: Many employees bring their mobile devices as they travel to visit family and friends. Watch out: Leaving mobile equipment including thumb drives in taxis, hotel rooms, parked vehicles, and coffee shops, is common.A recent Kensington study showed that over half of IT theft occurs in cars, airports, and hotels and restaurants)
SKELETON STAFF: Many offices all but shut down over the holidays. Watch out: With a skeleton staff, there’s an increased risk of insider fraud and possibly theft by outsiders.
Here are information security tips for the holidays.
o Provide on-going employee training about common online scams.
o Research retailers you plan to buy from. Access websites by typing in the address, not linking from ads and emails.
o Always verify email requests that you receive before you act on them. Do not click on any suspicious links, especially from unknown sources.
o Keep software current on all devices; patch automatically.
o Only remove the confidential information that you need for work.
o Lock down all computers and equipment, and leave the office area clear of exposed documents when taking holidays (as per Clean Desk Policy).
o Use strong passwords and password locks on all devices. This type of security can decrease laptop theft by as much as 85%, according to Kensington.
o Avoid public Wi-Fi especially when making financial transactions – unless you have a Virtual Private Network on your device.
o Never leave mobile devices unattended. Have a process for checking that you don’t forget devices anywhere.
o Lock mobile devices in the trunk of vehicles.
o Provide a Fraud Hotline in the workplace.
o Continue with scheduled secure destruction services. Your document destruction partner should provide a secure chain of custody for paper and hard drive destruction.