The 2024 Holiday season is right around the corner. Cyber Security Awareness month provides us with reason to pause and ensure we enter the Season prepared. Fortunately, it looks like the ports will be open for business, ensuring that goods will be shipped to those loved ones and friends on time. Online shopping continues to be the primary source of Holiday spend.  In fact, Adobe Analytics predicts an increase in online shopping, as they forecast, for the 2024 holiday season that U.S. online sales will hit a record $240.8 billion. That is an 8.4% increase over last year.

There has also been a dramatic increase in the number of devices with the household. Since 2019, the number of homes using smart home devices has increased from 47 million to 70 million today according to Statista. This along with additional mobile devices on and off network, expands the threat landscape for potential misuse and abuse of data. Threat actors are doubling down on the distraction of the holiday season in hopes to catch us off guard. Below are a few basic tips to ensure we are protecting ourselves as we transact online during this holiday season.

Three Holiday Safety Tips

1. Buyer Beware. Online shopping continues to be one of the primary means of purchasing holiday gifts. We also see the places to buy has increased, from manufacturer direct, online super stores such as Amazon, and even the many social media platforms. And advertisements continue to drive demand, which threat actors are looking to exploit. Not all ads are created equal in terms of safety or even reality. As we’ve all heard, if it sounds too good to be true it probably is. A few ways to ensure we don’t fall victim to false advertisements.

   1. Before clicking on an advertisement, verify the price from Manufacturer Website
   2. Do not enter Credit Card information into an unverified website
   3. Use free risk checking tools, like VirusTotal to check the trust level of the site. (Hover over the ad, right click, copy link, past in tool).

2. Special Delivery! Phishing campaigns continue to be the #1 infection vector across all industries. Threat actors, again, are looking to exploit the excitement of a potential delivery and catch a victim off guard. They use names like UPS, USPS, FedEx, and others in emails or SMS messages to compromise the victim.  If you are not expecting a package and receive an email or text to “click here to verify details,” or “your package is delayed,” here’s what to do:

   1. Delete the email or text.
   2. Always use the Tracking ID provided with your order that links directly to the shipping carrier by means of their main website or calling directly.

3. More Devices, More Problems! Over the past few years the number of devices in our homes has increased dramatically. These devices have also become much easier to add to home networks. We must ensure we maintain strong Cyber Hygiene. Below are a few things we can do to ensure we are protected:

   1. Ensure all devices remain updated with firmware and security patches
   2. Ensure your Wi-Fi SSID is unique or hidden
   3. Use a custom password or passphrase
   4. Only use one device for bank/monetary transactions

Taking the Next Step

As we prepare for the 2024 Holiday Season, the adversary prepares the same. Remain vigilant!

ePlus Security is a leading security technology advisor and integrator with a broad solutions portfolio, strong industry relationships, and an unmatched breadth of engineering talent and expertise. With a focus on customer experience, our security team designs and delivers outcome-focused, customized cybersecurity programs aimed at defining and mitigating business risk, maximizing technology investments, and creating safer digital environments.

For guidance with developing a cybersecurity strategy or conducting a tools rationalization assessment, ePlus can help. Check out ePlus Security for more information or contact us to schedule a call with a security consultant.

Have a cyber safe and joyous holiday season.

Related articles