Monday, November 13, 2017
Security experts are advising companies to secure corporate networks ahead of the holiday season, when employees may be more susceptible to phishing scams and online fraud. A new report published Nov. 2, 2017, by Adobe Systems Inc., predicts a 13.8 percent increase in online shopping this holiday season, with 80 percent of ecommerce occurring at major retail sites. The study, Holiday Ecommerce To Hit Record $107B in 2017; Mobile Will Lead in Visits, is based on metadata from Adobe Analytics.
Mickey Mericle, Vice President, Marketing and Insights at Adobe, expects to see deep discounts, as retailers compete for market share. "We predict the biggest retailers with wide selections, easy shopping experiences and free shipping, to drive online holiday growth this year," she stated.
Christian Lees, Chief Information Security Officer at InfoArmor Inc., said employees will be more susceptible to phishing and malware attacks during the holidays, as criminals try to steal their credentials to gain access to corporate networks. "Considering the tremendous amount of time individuals spend at work, naturally some of our personal behavior weaves its way into our corporate environment," he stated. "For example, mailing lists and 3rd party site enrollment tends to peak during holiday season, often due to retailer campaigns, targeting marketing and consumer behavior."
Individuals who use their corporate credentials and work email accounts to shop online are exposing their companies to outsider threats, added Byron Rashed, Vice President, Global Marketing at Advanced Threat Intelligence at InfoArmor. Most credential breaches occur at third-party sites, where consumers use corporate emails and passwords to create accounts. By using a corporate password, these employees unwittingly give threat actors the "keys to the kingdom," he noted.
Noting that threat actors can be cunning, Rashed recommended implementing the following precautions to protect employees and networks from outside threats and data breaches:
Rashed emphasized the need to protect mobile, tablet and laptops passwords, especially those that can be easily accessed on a connected device. "An obvious potential danger is in the latest version of iOS where "keychain" can be easily accessed through settings," he stated. "The user names and passwords are available in this feature. If the device is lost or stolen and no passcode protection is on the device, all the user's accounts within keychain are at risk."
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.