Security Brief – December 1, 2023


Holiday Season Safety (Video)

Amidst the holiday joy and end-of-year madness, remember to keep your business protected with a few key reminders. This 2-minute video is a special sneak preview for you with 4 simple, actionable tips.

FBI Public Service Announcement

Speaking of the holidays, the FBI has issued a PSA for buyers and sellers to be more alert with their online transactions.

There’s good reason for this. During the 2022 holiday shopping season, the FBI Internet Crime Complaint Center (IC3) received reports from almost 12,000 victims of non-payment/non-delivery scams, resulting in losses of over 73 million.

Click here to read the PSA as a reminder for yourself, and don’t be shy about sharing it with your loved ones. Too often, embarrassment about admitting how we got tricked keeps us from saving others from the same horrible experience.

Ransomware-Aware

1 in 34

That’s how many organizations worldwide experience an attempted ransomware attack now.

North American companies sit at 1 in 69, but that’s still a 25% increase over last year. And industry can bump you up – Healthcare, Education, and Finance are 1 in 25, 27, and 29, respectively.

This data is from Check Point Research.

To get an even fuller picture of the impact ransomware has on all of us, look at this chart from Statista (below). It shows the Annual Share of Organizations Affected by Ransomware Attacks Worldwide from 2018 to 2023. Click on the chart to visit Statista.

What does this mean?

It means that 1 in 34 organizations may be experiencing the attacks, but more than 72% of organizations are impacted. So maybe you didn’t get hit, but your vendor did. Or one of your software providers. And so on.

To add more layers to this colorful threat landscape, Huntress, a managed security service founded by former NSA cyber operators, reports that 60% of ransomware incidents in their Q3 SMB Threat Report were from uncategorized, unknown, or ‘defunct’ ransomware strains.

Their researchers explain the significance: “While we often hear about headline-grabbing ransomware entities, many lesser-known ransomware strains are prevalent in the SMB space. This diversity suggests that size is no deterrent for cyberattacks, and small businesses should not underestimate the risk posed by ransomware, regardless of the strain’s notoriety.”

Huntress also points out that Business Email Compromise (BEC) poses a big threat for SMBs and that “identity-based attacks are on the rise with threat actors targeting cloud services to steal identifying information or break into business emails.”

Bottom line?

You still have to keep training your employees not to click on unexpected links and attachments. You still have to make everyone aware of proper verification processes so they don’t fall for impersonated texts and emails. But you also need to watch for suspicious behaviors in network activity.

But don’t get discouraged.

As the threats evolve, our protections evolve. It’s only natural that the criminals will keep trying new things to separate us from our data/money. So we will continue to develop and implement better monitoring, detection, and defense.

As always, the point of this security brief is to make you aware, not afraid.

One Last Smishing Stat

Zimperium, a mobile security company, shares data that reminds us to include mobile devices in our employee awareness training. As the image shows, their 2023 Global Mobile Threat Report finds that users fall for text attacks 6-10 times more than email-based attacks now.

Click the stat to view more insights from their report. And remember to think before you click even, or maybe especially, on your phone.
