How to keep cyber-safe at Christmas
Cybercriminals know how to exploit Christmas-shopping anxiety. Don’t let these criminals target you. The countdown to Christmas has started, and you’re feeling stressed. One half of your mind is still worrying about what to get your Great Aunt, while the other half is fretting about whether the presents you have already ordered will arrive. To add to this, you still have to organise the food, attend the children’s carol concert, and somehow manage to keep doing your day job too!
From a cybercriminal’s viewpoint, this makes you easy pickings for a bit of light phishing. They could send you an email or text marked, URGENT: your recent order has been delayed or URGENT: your account has been suspended. In your anxious state, there is every chance that you will click on it – even if you would normally be much more careful.
As a result, they might be able to infect your system with ransomware or hack into your machine and steal bank details, personal data records or any number of things.
An additional problem is that hackers have got progressively better at spoofing both websites and domain names. It used to be that they would give themselves away with spelling errors or mistakes in what websites or emails from Amazon or Paypal look like, and would use a variation of the official website address that was obviously fake –amzon.com, for example.
However, a new trend amongst cybercriminals is to use different alphabets to create domain names with barely perceptible differences from official website addresses. For example, it’s virtually impossible to spot the little dot over the first ‘a’ in ȧmazon.com: you could mistake it for a speck on your screen.
At this time of year, don’t try to be too clever. Just obey two simple rules:
1. Don’t click on a link in an email or text without first ensuring the domain is correct.
You can check the domain by visiting the real domain you use via your laptop or someone else’s device and check the URL against the one in the text or email. If these are not the same, this is a phishing scam and you should ignore the text or email.
2. Don’t click on links in websites you don’t trust
If you receive an email with a message that looks worrying, by all means follow up. But go directly via a browser to the organisation’s website (Paypal or DHL or whatever). Type the address in yourself – no copying and pasting. You can then check your account details using your own login details.
3. Be patient and do your research
Cybersecurity is so important during times where there is added stress and worry. Not being focused can cause mistakes and lead you to being hacked by a cybercriminal.
If you’re unsure about anything, research to ensure no scams have been reported – contact the real company the potential scam is supposedly from and get clarification to whether they contacted you or now.
4. Learn about cybersecurity
Cybersecurity is super important. 88% of companies provide regular information updates and training on cybersecurity, with 22% not implementing any form of security awareness.
cybersecurity training is important because it upskills your ability to identify possible threats and reduce the high numbers of cybersecurity breaches in the UK. Cybersecurity training includes identifying phishing scams, social engineering and tools and techniques for safeguarding your IT devices.