“Tis the season to be jolly … careful online” was how I started this interview on the Today Show this morning. Apologies to any viewers, I felt a bit like the Cyber-Grinch. But it is true that this is Holiday Hacking season. It is the happiest time of year for scammers because:
1. Reduced staff numbers at work means normal approval protocols are not observed as diligently
2. We are relaxed & not as vigilant when responding to emails/texts
3. Many of us are buying online with a fever not seen in other months – often using our work devices

Scammers exploit simple psychological vulnerabilities!

Some of the Festive Season scams to watch out for are:

+ “Boss is in Bali” scam – where an employee gets an email purporting to be from a senior exec who is on holiday somewhere & they ask the employee to do something quickly (usually a transfer of money). We all want to please the boss.

+ Delivery Update Scam – You get a text asking you to click to track your shipment. Due to the online shopping frenzy, we are inclined to click as who knows how many things we ordered.

+ Charity Con – An email for what seems like a worthy cause taps into the fact that Christmas time is often the “Giving Season” for people.

+ “You have won” email/text – You have not won!

+ Fake Sales Promo – An iPhone for $600. That is amazing (and a scam).

+ “Hey Mum” Scam – A text from your kid saying they have lost their phone & are using someone else’s phone and can you “please transfer money to their account so I can get a taxi home”.

Many people have been victims of these scams – they are real!

Here are the 2023 Cybersecurity New Year’s Resolutions for Individuals:

+ Hackers are often lousy spellers: Check emails for poor spelling, grammar & language. Remember “Apple” doesnt have 3 “P’s”
+ Don’t click a link in an email to a retail or a charity website. Go to the site and check it out there
+ Software update notices often come at the most inconvenient times. But updates are important for the security of your phone/computer – update immediately!
+ Check it by phone: If you get an email from the boss in Bali (or other) – better to ruin her trip with a phone call than to ruin the business by clicking a link.

Here are the 2023 Cybersecurity New Year’s Resolutions for Businesses – Big & Small:

+ Do a data clean up – remember the Japanese tidying-up expert Marie Kondo? Well time to Marie Kondo your data – don’t keep what you don’t need. The more data you have the more they can steal

+ Protect your crown jewels (esp. customer data) with extra cyber protections

+ Check your cybersecurity processes are appropriate for the size/type of your business

As Mariah sings “All I want for Christmas is … not to be scammed”

Do you have any examples of scams you have seen? Or any other cybersecurity NY resolutions?

[Special thanks to @Melinda Hird – an amazing photographer who seemingly can’t suppress her professional instincts & shot this photo with her phone when she saw it]