With the US Thanksgiving holiday upon us and the holiday season starting, warnings are coming for an increase in retail-focused cyberscams. Phony deals are expected to be on the rise, as well as targeting small and mid-sized businesses that could be more likely to pay ransoms to stop an outage during the busy holiday season.
One tactic that works to defend – training customer service teams to detect fraudulent refund callers and field calls from consumers who spot a phishing or imposter website scam.
Because a new Palo Alto research release uncovered an ongoing hacking campaign from a group known as both “Luna Moth” and “Silent Ransom” that ditches traditional malware attacks for phone calls. It starts with a phishing email and involves a callback number to a call center run by the hackers.
And holiday weekends are ripe targets for hackers due to the reduced staffing levels within organizations. According to a survey published Wednesday, more than one-third of respondents said it took their organization longer to assess the scope, stop and recover from a holiday or weekend attack than a weekday. Larger organizations with more than 2,000 employees were even more likely to experience delays.
Organizations would lose more money due to a ransomware attack on a weekend or holiday than they were a year ago, according to Cybereason. One-third of respondents said their organization lost more money from a holiday or weekend ransomware attack, up from 13% in 2021.
Why do we care?
It’s a bummer to do this before a long holiday weekend, yet the security downside must be highlighted. Two parts – first, retail-focused providers should take heed of these specific warnings, and second, training continues to be a vital part of the security story, not more products.
Holiday staffing is a crucial area of concern and should be proactively addressed. Leaders can’t just assume it will solve itself by volunteerism, which is too often the solution organizations take on. Another to consider – specific shutdowns for holidays.