EXECUTIVE SUMMARY:

As we sprint into the final weeks of the holiday shopping season, cyber criminals are leveraging e-skimming tactics, phishing scams, fake e-commerce websites and other strategies to steal your data and that of your clients. Get info about scams to watch out for. Share information about these scams with your employees, peers, partners and prospects.

In 2020, Americans spent over $10 billion on Cyber Monday, and reporters are preparing to see higher numbers today. An estimated 158 million people will shop online from Thanksgiving Day through Cyber Monday this year and, in coming weeks, that number will rise. For enterprises, retail sales are great news, until the hackers hit. How can your enterprise defeat scams this year? Get insights into 5 common scams and prevention methodologies.

1. E-skimming scams. Although card skimming cyber criminals operate throughout the year, major shopping days and weeks leading up to widely celebrated holidays commonly show spikes in e-skimming scams. Last year, more than $1.8 billion were lost to e-skimming and similar types of cyber crime.

From footwear retailers to bakeries, all types of businesses have been victims of e-skimming scams this year. A new e-skimming scam occurs every 39 seconds, reports ABC News. “The problem exists on nearly every website on the internet,” says expert Matt McGurik. For insights into defeating e-skimming scams, click here.

2. Phishing fraud. In the US, digital fraud attempts, such as phishing attacks, have increased by 25% since last year. Beware of unsolicited emails. For example, brand phishing emails can appear legitimate -as they often copy the logo and style of honest brands- and yet they can fool anyone and lead to long-term financial losses.

Giving Tuesday, a movement that began in 2012 to encourage generosity and charitable giving, represents prime-time for phishing scams. In 2020, Americans gave more than $471 billion to charities. As organizations compete for your dollars, hackers may try to get in on the action.

On Giving Tuesday, more than 80% of employees generally want to contribute to charitable organizations. Some firms plan opportunities for employee giving, or send a donation to a collectively chosen charity. CISOs may wish to send out reminders pertaining to unsolicited emails, payments and donation scams.

3. Fraudulent websites. Organizations are often excited to pursue end-of-year deals much in the same way as individual consumers. Is your department purchasing new laptops, phones, drives, headphones, or headsets? Is your HR team working on a remodel, buying up snacks on Amazon, investing in physical security tools, or looking around for new business opportunities?

Ensure that the websites that you, your peers, employees and partners visit are secure by looking for the “https” in the URL bar. Remind those around you to click on the padlock in the URL bar to confirm the site’s safety. You can also use a site checker, like Google’s Transparency Report.

4. Social media scams. Platforms such as Instagram, Facebook, LinkedIn and Twitter represent key outlets for scammers. Some may try to friend, message or otherwise connect with your brand’s profile or your personal profile, and to lead you to malicious links.

Remind those around you to ensure that they know who they’re connecting with online. If a close colleague appears to be asking about something urgent or unexpected, employees can always reach out to one another via phone or email to confirm an identity or request.

5. Survey scams. Did your organization just purchase a series of tech devices from Amazon? Scammers are sending out fake surveys with the intention of walking away with your company’s details.

Tell those around you about survey scams, and warn against clicking on links and providing personal information.

In summary

While many assume that scams only affect older populations or the truly dense and obtuse, the Better Business Bureau reports that the highest median losses to scams actually occur among those who are 18 to 24 years of age.

To help your organization avoid cyber intrusions, disruptions and losses, provide your employees with cyber security awareness training. Humans can be your weakest links or your strongest lines of defense. Get more training ideas here.

Looking for additional timely cyber security insights, analyses and resources? Sign up for our newsletter here. Lastly, be sure to share information about these scams with your colleagues and peers using our easy share buttons below!