The bad guys are getting even cheekier over the holidays. In fact, they see them as prime opportunities. So while you’re decking the halls, be sure your data is locked up tight as a drum on Christmas Eve.
Time to raise your cyber resiliency standards? Ask us how.
The gift that keeps on scamming
First on our naughty list: CEO impersonation scams. Cybercriminals are combining new-fangled AI with good old-fashioned criminal ingenuity to design craftier social engineering attacks. Gift card scams are particularly prevalent.
Blimey! You just got an email from the CEO asking you to grab a stack of gift cards for a client lunch. Sounds legit, right? Wrong!
Scammers rely on holiday chaos. They know everyone’s busy, trying to please, get things done before the break. And here’s a sneaky tactic to watch out for: They might flood your inbox to hide their tracks. This is often referred to as ‘email bombing’ and is a type of Denial of Service (DoS) attack. Your inbox basically explodes with “thanks for signing up” messages for webpages you never registered to, hoping to bury that purchase confirmation you never made.
If you notice this happening, contact your IT or cybersecurity team immediately. Far worse than the annoyance of an inbox spam flood is the risk of missing that email from the ‘electronics store’ saying those five tablets you (didn’t) order were just picked up by your ‘colleague’.
Out of office, not out of mind
Now, about those cheery out-of-office messages. Internally, absolutely. Your colleagues need to know you’re away but avoid oversharing. But externally? That’s where it gets tricky.
Always follow your organization’s guidelines and avoid TMI. Keep your OOO vague and professional. Don’t tell the world your life story or share your cell number so criminals can spoof it.
Remember: cybercriminals love to know when decision-makers are away from the office. So don’t make their ‘job’ even easier for them.
Home for the holidays? More like “Roam” for the holidays
Picture this: You’ve been waiting all year for that romantic beach vacation, your kids’ first trip to Disneyland, or family time back home at Grandma’s house. Annoyingly though, you still have a few emails to answer, phone calls to take, or slides to tweak in between the fun.
If you must work remotely, use company-approved devices and networks. It’s easier to keep track of company communications when they’re not mixed in with your personal vacation photos.
Always be aware of your surroundings, particularly when you’re working on sensitive information. The person behind you on a plane or next to you at Starbucks might be looking for investment tips, but it’s not your job to help them by sharing your 2025 growth strategy.
And for all you globetrotters out there, working internationally opens up a whole new can of worms. It’s not impossible, but it’s like playing cybersecurity on hard mode. It’s where extra protection like secure VPNs and Multi-factor Authentication (MFA) come into play, so make sure to use your firm’s cyber safeguards to the fullest.
And wherever you go, stick to approved communication channels. That quick SMS to your boss from your personal phone might seem harmless, but it could cost your company a fortune in fines. The SEC doesn’t mess around, folks.
New Year's resolutions for cyber resilience
Never forget: in the world of cybersecurity, we’re all on the naughty list until proven otherwise. So stay vigilant, question everything, and don’t let the holiday spirit cloud your judgment.
Keep these tips in mind, and you’ll be rockin’ around the cybersecurity Christmas tree all season long. Stay safe out there, and happy holidays!
Need to up your cybersecurity and cyber resilience game? Linedata can help.
Contact us to learn more.