Ascend wants you to stay secure this holiday season. The end of the year brings with it a dramatic increase in cybersecurity events. So how do you handle these holiday hackers? Keep these tips in mind to stay secure in the New Year.
PHISHING & SCAMS
During this time, threat actors are sending phishing emails in high volume. Be on the lookout for these common scams:
-
-
CEO Fraud
Is your boss emailing you claiming to be on vacation, but in urgent need of a wire transfer or purchase? Contact them directly through a known phone number (not the one they offer up in their email) or contact another member of your Executive Team to confirm the instructions.
-
-
- Financial Transaction Requests
Is an angry client asking you to urgently provide them with account information or send money to a new account? Treat these requests with extreme caution and contact the client through a previously established phone number (not the one they offer in their email) to confirm the authenticity of the request.
- Financial Transaction Requests
-
- Retailers
Only open emails from retailers that you purchase from, and even then, proceed with caution. If an email seems questionable, do NOT use any links or information it contains — instead, go directly to the retailer’s website and contact them using the official information there.
- Retailers
-
- Shippers
Track your packages directly from the shipper’s website, never via unexpected links sent by email or text.
- Shippers
-
- IRS and Department of Revenue
Tax season is right around the corner, and fraudulent emails and text messages will soon begin. Remember, these government agencies will never email or text you to take an action — they always call or send paper mail.
- IRS and Department of Revenue
-
MFA
- Use MFA (Multi-Factor Authentication) wherever you can enable it. We recommend you use it not only to protect your work accounts but also your personal accounts.
-
Passwords
Practice good password hygiene. Never use any version of your work password for your personal accounts or vice versa. Every site and service you use on the internet should have a unique and complex passphrase. Unique means you don't just increment the numbers at the end of a password. (That's right, winter21 vs. winter22 does not count as unique!) Complex means you should use a passphrase ideally 14+ characters long, and a strong mix of letters, numbers, and symbols if you must use fewer characters. -
Mobile Device Safety
- When traveling, keep a close watch on your laptop and mobile phone—especially when traveling through security checkpoints. While encryption can help protect lost or stolen corporate devices, even your personal devices can be a gold mine to bad actors. It's best to do what you can to keep your data and devices out of the wrong hands.
-
Company Security Policies
Check with your manager and IT Team to fully understand any policies regarding secure access to corporate systems remotely if you'll be doing work from a new location this holiday season.
By staying vigilant, you can remain safe and secure from cyber threats, leaving you confident that you are not putting your organization's assets at risk when working from home or traveling over the holidays.
Written by Nikolai Vargas, VP Cybersecurity Services