As we head into the holiday season, The National Cybersecurity & Communications Integration Center (NCCIC), reminds users to be aware of seasonal scams and malware attacks. As of the NCCIC release on November 19th, 2018, they warn that users should be on high alert for unsolicited emails, advertisements, and requests for donations from potentially fraudulent charitable organizations. Malicious actors use a variety of tactics to try to compel you to engage with their efforts that can ultimately result in security breaches, identify theft and financial loss.
We share some of our best practices, tips, and suggestions below to ensure you have a safe and secure holiday season.
- Stay Alert – If something looks suspicious while you are navigating the internet and shopping, stop and think before you click.
- Shop Smart – Whenever possible, do business with reputable vendors and make sure when you are using search engines you are confirming that you are being re-directed to the intended vendor’s site.
- Use Trusted Sites –Your security is as safe and secure as your vendors. Make sure your information is encrypted, many sites use secure sockets layer (SSL) to encrypt information, this is another layer of security that will help combat potential hackers.
- Avoid Phishing Attempts –Phishing efforts can be complex and timely, make sure to check the email addresses that you are communicating with. Recently, we saw what looked like a trusted third-party vendor attempt to secure personal information from one of our users. The phishing email came in sandwiched between two legitimate emails from the same vendor. It was not until our user noticed they asked for their social security number during the recovery process that it was identified as spam.
- Be Generous, But Wise – We all like to get in the holiday spirit and give back but, do so with caution. Whether you are solicited through social media, calls, texts or door to door solicitations, we recommend only contributing to organizations that you trust.
If at any time, you believe you are a victim of a scam or malware campaign, we recommend taking the following action:
- Contact your financial institution and close any accounts that may have been impacted.
- Immediately change any passwords that may have been compromised, make sure to make a complex password using characters, symbols, and numbers.
- Report the attack to the police, and file reports with the Federal Trade Commission and the FBI’s Internet Crime Complaint Center.