It’s that time of year again when organisations ramp up ready for the holiday season. Retail push for their Christmas sales, Finance see the uptick in spending and Hackers feast on unsuspecting targets.
Unshakeable Salt will be primarily serving our NHS clients over this period. This is not because they are more vulnerable, or that the healthcare is particularly targeted through December. It’s because here in the UK, Christmas is a time when healthcare is particularly stretched without the additional pressures of ‘Cyber’.
Online resources such as https://www.nhs.uk and the fantastic NHS 111 service take the pressure off bricks and mortar healthcare. If 5 people check out an online resource prevents one person presenting themselves into an A&E department, then it’s money well spent. Ensuring that those web portals are available (and not hijacked or misused ) saves money and helps to save lives.
Deep Sea Phishing
The November through January period always sees an uptick in phishing campaigns. The mass increase in retail offers provides a smoke screen to hide effective phishing emails. Most will be jumping on post event sales ( “click here to see the delivery date of your £750 telly “ ), although many will be precursors (‘click here for your £40 booze voucher for your works Xmas party” ) .
Even with the uptick at this time of year, the advice we give is the same all year around;
- Many phishing scams originate overseas and often the spelling, grammar and punctuation are poor. Others will try and create official-looking emails by including logos and graphics. Is the design (and quality) what would you’d expect from a large organisation?
- Is it addressed to you by name, or does it refer to ‘valued customer’, or ‘friend’, or ‘colleague’? This can be a sign that the sender does not actually know you, and that it is part of a phishing scam.
- Does the email contain a veiled threat that asks you to act urgently? Be suspicious of words like ‘send these details within 24 hours’ or ‘you have been a victim of crime, click here immediately’.
- If it sounds too good to be true, it probably is. It’s most unlikely that someone will want to give you money, or give you access to some secret part of the Internet.
If you believe that you’ve has been the victim of online fraud, scams or extortion, you should report this through the Action Fraud website. (Action Fraud is the UK’s national fraud and cyber crime reporting centre.).
If you want more advice (especially for your family) on how to stop, identify and prevent phishing – have you considered a Safe And Secure Online workshop ?
The holiday season also sees an uptick in social engineering. With organisations suffering from staff sickness, there is a higher dependancy on agency and bank staff. Knowing this, criminals the opportunity to socially engineer their way in.
It’s the time of year to be the cold and flu season. Tiredness , hangovers, and the lack of daylight make people a little worse for wear and their guard is down. A cold call from someone you don’t know becomes acceptable when you know so many people are off ill. Suddenly you don’t mind telling ‘Temporary Tanya’ the pin code to get into the office.
As you write your customary annual thank you emails to your staff, don’t forget to remind them about the potential of security breaches over the festive holiday season. Amongst the praise for the year just gone, a gentle pointer to keep security in mind could keep your business safe for another day.
It’s that time of year again when organisations ramp up ready for the holiday season....