Avoid These 6 Hacker Traps This Holiday Season
Holidays are stressful enough without having to worry about your business.
As employees prepare for the long weekend, they’ll be swapping Black Friday shopping tips, recipes, and travel plans. But did you know that every single one of their mobile devices could be a backdoor to your business’ network?
Stop what you’re doing right now and email your employees telling them to avoid these six hacker traps this holiday, before it’s too late…
Did you know that hackers can upload malware to your mobile device through a USB charging port?
Sure, your phone only has 15% battery left and you really, really want to watch a movie on the plane. But by plugging into a comprised charging kiosk while waiting at your terminal, you could be putting ALL of your data at risk.
Text messages. Emails. Work contacts. Even your most personal, private photos.
The USB port you use to charge your mobile devices is also used to transmit data. If the port you plug into has been sabotaged by a hacker, there’s no limit to what information they can get their hands on.
Even worse, if you work at an organization with a ‘Bring Your Own Device Policy’, the next time your phone connects to the Wi-Fi, you could risk bringing the entire network (and this quarter’s revenue) down with you.
With any ridesharing service, you face the same security concerns as an airport kiosk. There’s just no way of knowing exactly what you’re plugging into.
Instead of using your driver’s USB cable to charge your phone, invest in a portable battery pack, also known as a ‘power bank’. Or just bring your own charger and wait for a wall outlet.
You just received an email from a company you’ve been a customer of for over 10+ years. Surely there’s nothing to worry about when it comes to this amazing Black Friday deal they’re promoting, right?
To combat evolving email security and spam filters, hackers have gotten sneaky. They know how to copy and paste the logo of your favorite brand into an email so that it looks like it’s coming from them. This is called a ‘phishing attack’, and the only goal is to get you to click the link in the email.
“But the deal is just TOO GOOD to pass up!” you say?
Hover your cursor over the hyperlink to reveal its true URL. Even if the link reads “yourfavoritebrand.com/BlackFriday”, it could be sending you to a phishing site with a landing page that has all the logos of your favorite brand, but is really a cleverly disguised trap.
All hackers want is for you to ‘login’ on the fake page they’ve created so they can steal your username, password, and whatever other information you provide. Then they’ll use those same credentials to try and log into every major banking network, your server at work, your social media profiles, and more.
Sounds easy enough, but how many employees or coworkers do you know who still have their passwords written on a Post-It note they’ve stuck to the bottom of their computer monitor?
If you answered more than ‘zero, make sure your staff takes 5 minutes to clean off their desks before taking off for the long weekend.
Believe it or not, hackers have been known to bring down entire businesses simply by snapping a picture of a password, IP secret, or other privileged data that had been left out on an employee’s desk.
Who doesn’t love sharing the perfectly framed selfie, or gloating about the glorious vacation you’re about to embark on? But did you know that hackers could also be stalking your social media profiles, waiting for the perfect opportunity to break into your home, office, or even pretend to be you and trick coworkers into sharing company secrets?
Take a look at the privacy settings on your various social media profiles, and make sure anything set to ‘public’ as a default is immediately changed to ‘friends’ or ‘private’.
Phishing scams aren’t confined to emails. Hackers are now fabricating Caller IDs.
Say you hear your phone ringing in the other room. You go to pick it up, but it’s a number you don’t recognize. Luckily, you have Caller ID, and it’s telling you that the caller is Your Bank. Must be something important, right? Maybe something to do with your direct deposit and the holiday?
Just because Caller ID says your bank is calling, it could be a hacker hoping to steal your account information. If the person you’re speaking with tries to make the situation sound dire, or claims that your “urgent attention” is needed, hang up the phone. Then, call your bank back and ask to speak to a representative. If they have a record of the call, then you’re all set to proceed. If they have no idea what you’re talking about, then you just outsmarted a hacker!
All a hacker needs to disrupt your life is one email, one username, one password – which is why you should NEVER use the same login credentials for multiple websites, let alone your work and personal devices.
Remember: educating your employees on how best to avoid hacker traps is only the beginning. To truly protect your business from growing cybersecurity threats, you need a managed service provider that can outfit you with the latest firewall, data backups, cloud storage, and an IT infrastructure equipped to handle the demands of the 21st Century.