[Scam of the Week] Black Friday & Cyber Monday Cybersecurity Tips 2021

Cybercriminals are at it again with holiday phishing scams. Because of the popularity of online shopping, retailers' online Black Friday deals attract more and more scammers every year. Cyber Monday will also mean big online sales. That means you and your users need to be extra cautious when shopping online over the Black Friday and Cyber Monday weekend.

Experian reported that 1 in 4 victims fell victim to fraud during the holidays. The researchers at Tessian found that thirty percent of people in the US reported receiving a phishing message around Black Friday in 2020. And during Cyber Monday, over $10.8 billion was made in online sales - setting an all-time record for digital revenue in the US. This all adds up to a bigger prize for cybercriminals to infiltrate.

I suggest you send this reminder to your users, friends and family. Feel free to edit, copy/paste:

"For many of us, the holiday season is about friends, family, food, and shopping! Two of the busiest shopping days of the year, Black Friday and Cyber Monday, are at the end of November. Unfortunately, while you’re looking for the perfect gift, cybercriminals are looking for ways to scam you. Follow the tips below to shop safely:

Never install unfamiliar software - There are hundreds of shopping apps out there. Some of these apps may be malicious, so only use apps that you know and trust. When you download software or apps, be sure to download from verified sources such as the App Store or Google Play. You can verify that an app is legitimate by reading the app’s reviews, checking the number of app downloads, and looking up the app’s developer.
Verify attachments are safe before downloading them - A common tactic among cybercriminals is to create phony email notifications from a retailer or postal service. These notifications often include a malicious attachment. The cybercriminals may claim that there was an update to your order or that your package has been delayed, but you’ll have to download the attachment to find out more. Don’t fall for this trick! Before you open the attachment, contact the retailer or postal service to verify that the notification is legitimate. You can also look up your order directly on the website where you made the purchase.
Verify links before clicking - Watch out for malicious advertisements, otherwise known as malvertising. Malvertising is when cybercriminals use ads to spread malware or to trick users into providing sensitive information. When online shopping, only click on an ad or link from a reputable source, such as a retailer’s official social media profile. To be extra careful, use your browser to navigate to the store’s official website to shop instead.

You can download a PDF here with all of these tips, available for print or digital download."

Get Your Free 2023 Holiday Security Awareness Resource Kit

It's the busiest time of year for everyone, especially cybercriminals. They know surges in online shopping, holiday travel and time constraints can make it easier to catch users off their guard with relevant schemes. This makes one of the busiest times of year one of the most important times for your employees to stay vigilant against cybersecurity threats.

That's why we put together this resource kit to help ensure no chunks of cyber-coal end up in your employees’ stockings this season! Use these resources to help your users make smarter security decisions every day.

Here's what you'll get:

New! Holiday Cybersecurity World Passport interactive game

Two free holiday training modules, available in multiple languages

Resources to share with your users, including an educational video, plus security documents and digital signage to reinforce the free modules included in the kit

Newsletters about holiday shopping and travel safety for your users

Access to resources for you to help with security planning for the upcoming year