How To Protect Your Business From Fraudsters At Christmas
Christmas is a great time of the year for most workplaces – employers are generous to their staff; festive parties create camaraderie among workers; and everyone is looking forward to having a few days off.
However, amidst all the celebrations, nights out, radio playing and mince pie eating, it is still crucial that businesses remain just as vigilant about their security measures. In fact, with Christmastime being one of the best times for fraudsters to attack, companies would be wise not only to be watchful, but even more cautious than usual.
Why is Christmas a prime time for fraudsters?
Most people begin gearing up for the festive season at the end of November, which marks the start of some fantastic opportunities for fraudsters – particularly cyber-attackers.
This is because millions of people around the world head online from Black Friday weekend for several weeks to take advantage of the many cut-price deals retailers offer at this time of the year.
Black Friday = shopping bonanza
According to Citi Post, 108 million people in the USA alone shopped online on Black Friday in 2016, and last year an estimated $682 million (£534 million) was spent in the States, which much of this taken by e-commerce sites.
Over the last few years, Black Friday sales have taken over the world, and now the event is just as popular in the UK and Europe as it is in North America.
After Amazon.co.uk introduced the concept to Britain in 2010, the nation has not looked back, and sales during the week-long event rise by millions of pounds per annum.
Last year proved that Brits prefer to shop in the comfort of their living room rather than battle the crowds on the high street, with just 26 per cent heading into stores for their bargains, according to PricewaterhouseCoopers (PwC).
Therefore, it is not surprising that online sales in the UK rose so dramatically in 2017, increasing by 11.7 per cent from the year before to an impressive £1.39 billion, IMRG data revealed.
It is not just Black Friday that encourages shoppers to purchase goods online, but the internet-specific retail event Cyber Monday that occurs just three days’ later. According to PwC, Brits intended to spend £234 each last year over the weekend, which provides hackers with ample opportunity to find out their financial details.
Due to the huge influx of people not only using the internet over the four-day long event, but inputting their bank details into e-commerce facilities, cyber-attackers are able to access important personal and financial information consistently over the weekend.
According to EnigmaSoftware.com, incidences of online attacks against shoppers rose by 40 per cent on Cyber Monday in 2013 and 2014, compared with the month before, The Guardian revealed.
This year’s Black Friday weekend could have presented even more opportunities for hackers to hit, as financial experts predicted more Brits than ever were planning to purchase online.
According to TopCashback.co.uk’s UK director Adam Bullock, it might even have been “the biggest shopping day we have ever seen”, estimating £1.5 billion to have been spent on Friday (November 23rd) alone.
Hackers are not foolish and tend to focus their attention on what the press believes is the hottest product to purchase.
Speaking with the news provider, Christopher Budd, Trend Micro’s global threat communications manager, said: “Whatever the latest hot gadget is, that’s almost always going to be used as a spam or phishing or social media scam lure, and that’s something that has longevity through the shopping season.”
Not only do millions more people use e-commerce sites during Black Friday weekend, but it is the launch of festive shopping for most people, with even more consumers purchasing goods in the run-up to Christmas.
How do hackers attack?
They typically target consumers through social media hacks that look like recommendations friends ‘like’, or via emails. Most people, even businesses that have to send lots of gifts to clients over the holidays, want to get a bargain, and, therefore, are likely to follow a deal that looks too good to be true, potentially leading them to unsafe territory in the online world.
Fraudsters also take advantage of the fact that many people – including those in offices – order online and, therefore, expect deliveries.
Hackers might use the names of huge online retailers to send emails regarding delivery times to unsuspecting customers, subsequently infecting their emails and stealing valuable data from their computer.
Of course, cyber attacks are also typical when consumers buy goods over unsecured networks, as hackers can tap into the wi-fi connections and trace their personal information when they are making their purchases.
If you happen to click on a link they have sent, either in an email, on social media or on a fake deal website they have set up, you will download malicious software that can then provide them with credit card details, passwords, and even customer data.
These techniques are so popular among cyber-attackers that 40 per cent of annual online fraud occurs in October, November and December, Trustev revealed to CNET.
Is it just online attackers?
While online data breaches sky rocket in the lead-up to Christmas, businesses should be cautious of other forms of fraudulent behaviour as well.
With so many more things being put out in the waste, including wrapping paper, old decorations and food packaging, it can be easy to forget about the importance of disposing of valuable items properly.
Things you might not even consider significant – such as old staff uniforms and USB devices – can be utilised by fraudsters and, with businesses more distracted and offices vacant during the holidays, this is their opportunity to find items they can use to their own advantage.
That is why it is essential companies undergo specialised security shredding, particularly at this time of the year, when they are incredibly busy with other events and projects they want to wrap up before the New Year.
How to be more secure over Christmas
It is impossible to avoid purchasing online, sending important information out over the internet, or disposing of branded products, whether it is Christmastime or not. However, there are many things companies can do to make sure their staff, clients, customers and business remain protected during the season.
Firstly, they should be extra vigilant when destroying important information. With many offices closed between Christmas Day and New Year’s, it is essential you get rid of anything valuable before it shuts for the holiday. Book professional services if you do not think you will be able to get staff to finish the job on time, or make sure you securely lock up any media, documents, clothing and equipment you cannot – or do not want to – destroy securely.
It is also essential you encourage sensible online behaviour among staff members, whether they are using the internet for their own personal online purchases or for work-related tasks.
Even if they are doing their own Christmas shopping, by using your computers they could jeopardise the security of all the data stored on the hard drive, as well as the cloud. Therefore, it is wise to tell them to avoid clicking on links from social media posts or emails; only purchase items from certified websites; use different passwords for varying websites, particularly their bank and email accounts; and confirm order history on the online retailer’s website, and not just with the email.
Of course, employees might be making purchases on behalf of the company. In this case, it is essential you get them to use the same kind of discretion and be wary of any deal that seems too good to be true or from an unverified party.
As a business, you can also help protect your staff by installing the best anti-spyware and anti-malware software, and keeping your computers’ applications and operating systems regularly updated.
Those companies that store their clients’ or customers’ details on their sites need to be extra vigilant at this time of the year too to ensure hackers do not gain access to millions of people’s data through negligence on your behalf.
In 2016, Tesco Bank felt the brunt of a serious cyber attack when £2.5 million was stolen from 9,000 of its customers’ accounts just a few weeks before Christmas, forcing it to suspend online activity as it addressed the problem. While the financial services provider refunded all those who had suspicious transactions from their accounts, it was a huge embarrassment and cost to the brand.
Tesco had to act incredibly swiftly to salvage its reputation as quickly as possible, so this incident did not have any lasting repercussions throughout the season. Not only could it have damaged Tesco Bank’s activity, but it could have also discouraged customers from using the superstore for their Christmas shopping, which would have cost the business millions of pounds in revenue.
However, it is not alone with being a victim of huge hacks during the festive season – when people simultaneously spend and need as much money as possible. According to a report in Certus Technology Group, one in ten people fell victim to cyber crime in 2015.
Indeed, Brits are 20 times more likely to have money stolen from them at their computer than on the street these days, the Crime Survey of England and Wales revealed, showing just how essential it is for businesses to stay on top of the problem as they head into a new year.