TRENDING:

The Agency Insider with Linda McGlasson

'Tis the Season: Add Security to Holiday Greetings

Linda McGlassonNovember 27, 2009    
'Tis the Season: Add Security to Holiday Greetings

Remember last year, when your New Year's resolution was to educate your employees and customers about protecting their identities -- the gift most sought after by cyber and physical thieves? It's time to renew the security education effort because 'Tis the Season for Thieving.

The holidays are such a rush of shopping, parties, family gatherings and sharing. But we're often not ready to tell those close to us about how to protect themselves and the information that they handle for others from thieves looking to take data, skim credit cards and, well, basically ruin many a happy holiday with fraud.

Those intent on fraud come in all shapes and sizes, so it's something to see: the temporary store clerks skimming cards behind the counter, the phishers sending those important bank emails to your customers and saying they must change a password, even the rogue insider at the institution collecting data to sell outsiders.

For your customers, here's a short list of the kinds of scams and schemes criminals are using to make holidays a real heartache:

Fake charity websites -- They're out there and asking, pleading for your credit card information. Stick with the well known ones like the Salvation Army or the Red Cross.

Fake delivery invoices: I get these in both my personal mail and work email, annoying, but they can be ignored. If these fake delivery invoices are opened, they usually deliver some nasty malware onto the computer. If you owe someone money, they're going to call you or send invoice via snail mail.

Fake "New Friend Request" emails: These are sneaky, so be on the watch for these on Facebook and other social media sites.

Holiday ecards laden with computer viruses: One word describes these potentially virus-laden missives -- dangerous. Check with the person who supposedly sent it to you; if it doesn't jibe, delete! Even if legit, scan for viruses.

Unsecured, public area computers: Unsecured? Enough said. Many times keyloggers and sniffers are placed on there by criminals to watch and record every key stroke. Even checking your email is dangerous on public area computers.

Fraudulent holiday-related websites: You're aware of them, but are your customers?

Job-related email scams: The recent FDIC warning on ACH fraud noted that money mules were being used to move the stolen funds. These scams are where the hackers hire those mules. Warn your customers about this scam.

Auction site fraud: The classic fraud via sites such as eBay and others isn't going away. Buyer beware - if it looks or sounds too good to be true, walk away.

Password theft: This is done in myriad ways, so caution is the watchword. Also, remind your customers to change their passwords frequently and not use the same password for every site they visit.

E-mail banking scams: Can be devastating to a customer's balance, and even their identity, so keep plugging away with the warnings about phishing, vishing, smishing, because the criminals are using more than just the computer to get what they want.

Do tell your customers and employees to practice safe computing during the holiday season and throughout the year. Here's hoping everyone will have a safe, secure holiday season.



About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Around the Network

How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Why Health Firms Struggle with Cybersecurity Frameworks
Why Health Firms Struggle with Cybersecurity Frameworks
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.