Keep the Grinch out of your inbox these holidays 🎄

Cyber criminals are preparing to send you ‘gifts’, whether you’ve been naughty or nice. The Cyber Fitness experts at Cynch have some tips on what to look out for.

Stop & Think Before You Click!

Email is the lifeblood of most organisations and at this time of the year they’re coming thick and fast. While you might be busy working towards a well earned break, cyber criminals see the next month as their chance to strike.

Think about the messages you’re expecting this time of year;

last minute deals from cherished brands,
delivery notices and tax receipts for gifts you purchased,
invitations to end of year functions,
thank you messages from everyone you dealt with or would like to deal with.

It only takes throwing one well-timed dodgy email into this mix to make a recipe for disaster.

While the chaos of the run up to the holidays is unavoidable, you can make life harder for cyber attackers by slowing down and thinking before you act.

Here are some examples of the sorts of dodgy messages you and your team might see over the coming weeks.

False invoices

https://www.xero.com/blog/security-noticeboard/

Parcel delivery notifications

https://auspost.com.au/about-us/about-our-site/online-security-scams-fraud/scam-alerts

Surprise gift cards

https://www.woolworths.com.au/shop/discover/about-us/scam-alert

Dodgy holiday promos

https://blog.checkpoint.com/2020/11/17/phishing-emails-double-in-november-in-run-up-to-black-friday-and-cyber-monday

Keep your movements to yourself

As the year ends, you and your team might be taking some well earned time away. But radio silence on your emails may leave your clients and partners wondering where you’ve disappeared too. Fortunately the good old ‘out of office’ message is there to let them know what’s up and assure them you’ll be back to business as soon as you return.

Sadly, these automatic messages might flag to spammers and cyber criminals you’re away, so take care not to share the wrong things with the wrong people.

Here are six out-of-office reply examples that may put your business in danger these holidays:

“Our team will be away enjoying the holidays until the 5th of January and unable to respond to your email. We’d like to wish you all the best for the festive season and look forward to working with you in the new year.”

Giving specifics around when the office will be empty can give someone a nice window of opportunity to visit it while you’re away. What damage could someone do if they had access to your office for a week?

“I’m currently enjoying a well-earned break on the sunny beaches of Fiji and am unable to answer your email. I’ll follow up as soon as I return.”

With just a little bit of information, like where you’ve gone on holidays, scammers can target those you’ve left behind. How would your staff respond to someone claiming to be contacting you regarding you being in a hospital in Fiji and in urgent need of some money to cover medical expenses?

“I’m currently enjoying the holidays and am unable to check emails. For payment inquiries please email Ros (ros@shellbright.com), For support inquiries please email our support team (support@shellbright.com). Thanks”

Knowing Ros is in charge of payments in your absence could be just enough for someone to provide a convincing reason for money to be transferred quickly to the wrong account.

“I’m currently not checking emails, if you need me to contact me urgently, please call me on my mobile 0404 040 040.”

Is your mobile number public information? Are you comfortable giving it to anyone with your email address, including all those spammers that hit your inbox each day?

“Thanks for your email. Unfortunately, I’m currently enjoying the holidays with my partner Mark and our 2 wonderful children. I’ll be sure to respond as soon as I’m back online.”

Mark sounds like a lovely guy, but knowing you’re holidaying with them could give a crafty scammer some ideas on how to take advantage of your staff.

“I currently have limited access to email and may not respond immediately. Please contact our support team if the matter is urgent on support@shellbright.com”

This is actually a pretty safe message, but are you sure you want to confirm to someone that’s sent you a spam or scam email that the account they’ve targeted is real?

Out-of-office messages can be pretty handy, but as you can see there are a few things you need to consider before you start advertising to the world that you’re away. Here are a few things you can do to securely reply to emails while you’re on break:

Don’t be specific.
Use generic alternatives for urgent contact.
Don’t respond to everyone. Try responding to just known contacts.

Gear up for a cyber fit 2022

For more tips on how to keep your organisation safe these holidays and beyond, reach out to the team at Cynch Security, and take advantage of their exclusive discounts for NDS members.

Cyber Fitness ExercisesAdam Selwood3 December 2021