Beware Of Cybersecurity Threats This Holiday Season

By First Columbia Bank's Risk Management Team

While many of us are shopping, decorating, and traveling to celebrate the holidays, scammers are working overtime to trick individual consumers and businesses out of their sensitive personal data and hard-earned cash. To keep yourself safe this holiday season, learn how to spot and avoid these common cybersecurity threats.

Holiday cybersecurity 1

Be careful where you do your online shopping

As gas and food prices remain high, people are relying more and more on online retailers to do the bulk of their shopping. The holiday season is a prime opportunity for scammers who wish to drive users to spam websites in an attempt to collect their payment or personal information. These websites can often be created to look like an official website, and may even be branded in a way that looks like a major retailer with which you’re familiar with. Before entering any personal or payment information on a website, watch for the red flags that should make you suspicous: 

  • Take a close look at the website URL.
  • Is there a padlock symbol in front of the URL?
  • An “s” in https?
  • Does the web address look like it belongs to a major retailer, but there is a misspelling or something else “off” about it?
  • If you’ve never heard of the company before, is there an “About Us” page with contact info including a phone number and street address? If not, then continue your research to ensure the company is legitimate. 
  • Do they accept normal payment methods like debit cards? Or do they want you to pay by wire transfer or gift card number?
  • Does the price of the item seem “too good to be true”?

Businesses need to be careful as well

While shoppers need to be cautious during the holiday season, businesses are also targeted by hackers and fraudsters during this time of year. Hackers know that many businesses are operating with smaller teams as employees take time off, so they target businesses when it may be more difficult to provide technical support and respond to address these threats. 

Don’t fall victim to a business scam–follow these tips:

  • Secure your network and databases with firewalls and encryption. 
  • Keep anti-virus and other software up-to-date.
  • If not already password-protected, create one for your business wi-fi.
  • Train employees on cybersecurity best practices.
  • Make it mandatory for employees to change their passwords often.
  • Set up multi-factor authentication when possible.
  • Learn how to spot the signs of phishing emails.
Holiday cybersecurity 2

Use caution when opening emails

E-mail remains the number one delivery system of phishing attempts. These become even more prevalent during the holiday season when promotional emails are at a high point. Scammers will use the season as an opportunity to offer prices or products that are too good to be true, or pose as charities to take advantage of people’s generosity at this giving time of year. Resist pressure tactics or a sense of urgency that tries to get you to donate or buy now. Be careful when opening emails and clicking on links–hover your cursor over the link to see the full URL. Why? Clicking on a malicious link could install malware on your computer–without you even being aware of it.

Robotext scams are also on the rise. These texts are often spoofed so you can’t see what number they really came from. Delete or report as spam any unwanted texts from senders you don’t recognize. Be wary of messages that claim one of your accounts has been compromised or that offer a tracking number for a recently shipped package. Contact the company in question directly to see if there is truly a problem. 

Be vigilant with password security

If you’re doing a lot of online shopping, it can be tempting to reuse the same password across multiple online accounts. However, this makes you vulnerable to potential cybersecurity breaches. If a hacker discovers one password that you use for multiple accounts, they can use that information to access every account with the same login credentials to make fraudulent purchases. Needless to say, you should always use best practices when creating passwords and change them regularly. These include:

  • Don’t share your passwords with anyone else.
  • Use a unique password for every account–a password manager can do this for you if you don’t want to remember multiple passwords.
  • Opt in for multi-factor authentication, such as entering a one-time passcode sent to your phone or email, in addition to entering your login credentials.
  • The longer a password, the better. Aim for at least 16 characters.
  • Use a passphrase instead of a password.
  • Avoid commonly used words and number or letter combinations (i.e. abc, 123).
  • Don’t use your birthday, street name, or other information that may be publicly available.
  • Use a combination of upper and lower case letters, numbers, and special characters.

Monitor your financial accounts

The holiday season may be busy, but don’t let that stop you from reviewing bank account and statements to make sure there are no unauthorized transactions or withdrawals. With online and mobile banking from First Columbia, you can view your account balances, recent transactions, and monthly statements from anywhere. If compromised, call us as soon as possible. 

Holiday cybersecurity 3

First Columbia is with you every step of the way!

The security of your account and personal information is very important to us. Our Account Protection Page is a resource providing information on scams to watch out for and tips to protect yourself. We invite you to visit our page and share these tips with your friends and family.