With holiday shopping season getting into full swing, you might have noticed your inbox crammed with promotions and sales from every major retailer and mom and pop store around. This seemingly harmless influx of promotional e-mails isn’t just filled with special offers for you but might also hide a well-wrapped present for cyber hackers as well. With retailers bombarding you with great gift ideas, hackers are hoping your eye for saving a buck will make you fail to see the signs of a classic scam — the phishing attack.

 

It's No Fun Being the Phish

Spear phishing might sound like a fun way to spend a vacation in Hawaii, but it's actually a scarily sophisticated scheme that will ruin your day. In a spear-phishing attack, hackers pose as seemingly trustworthy sources and send e-mails designed to get you to click a link, download a file, or respond to an urgent request before you've thoroughly thought things through. Spear phishing is usually targeted, with a long-term plan set in place to learn about you or your employees and fool the target with personalized information that makes the requests within seem reasonable and credible. Because human error is the most reliable vulnerability cyber attackers can exploit, these breaches are incredibly commonplace.

Unfortunately, for many businesses, these attacks work because they're very believable. Just this year, in July, internet company Comodo discovered a new phishing scam in which over 3,000 small businesses were sent what looked like an e-mail from the United States Postal Service with the subject line "Shipping Information." In the e-mail, a very legit-looking link to package tracking information was placed, which, when clicked on, unleashed a virus onto the unsuspecting recipients. This simple attack duped many otherwise smart people who were impatiently waiting on important packages and failed to recognize the warning signs. 

A breach like this is just one of many high-profile examples that show how a basic "fake e-mail" tactic is enough to infiltrate even the savviest organizations.

 

Be Merry, But Stay Vigilant

So, how do you make sure phishing scams don't spoil your holiday cheer?

Start the day by double-checking your e-mail filters. E-mail filters prevent spam and seemingly malicious messages from reaching you at all, so you won't even consider responding to them. Taking this a step further, consider implementing a Sender Policy Framework (SPF) to help you prevent spoofing of your e-mail addresses.

 

Next, do some cleanup. If you haven't cleared them in a while, who knows what potential dangers are lurking in the darkness of your overflowing spam, inbox, and download folders? Getting rid of this unwanted clutter will remove potential pitfalls and create more space in your system to work with.

 

Finally, call a meeting and make sure your entire workforce is aware of the current risks and are taking the same precautions. It's always essential to make sure everyone in your organization understands potential risks and is on the same page about preventing hackers from finding a way to worm their way into your systems.

 

 A Powerful Partner Can Protect You

Worried you might get phished? Celebrate the holidays by partnering with an MSP who can help you stay safe. Working with Divergys will help alleviate stress about all types of phishing schemes and free you up to focus on the aspects of your business you really want to be worrying about. We will be your trusted partner who continuously arms you with the know-how and required tools to confront the latest cybersecurity threats. If you truly value your time and safety, contact Divergys today to learn how we can help keep you from staying late to clear out your computer.