DomainTools' Kyle Wilhoit shares how shoppers can avoid holiday shopping phishing attacks, data leaks, and other scams.
Hackers love the holidays. TechRepublic's Dan Patterson met with DomainTools' senior security researcher Kyle Wilhoit to discuss how shoppers can avoid becoming victims to cyberattacks this season.
Because a large portion of holiday shopping is done online, businesses need to protect their consumers from cybertheft and criminals, Wilhoit said. Because many phishing attacks are carried out via email, organizations need to make sure their customers are aware they won't be sending emails or asking for specific information like addresses or credit card numbers. Out of all the traditional security measures businesses follow, awareness is one of the most important, he added.
SEE: Security awareness and training policy (Tech Pro Research)
Internally, businesses should have a policy for storing customer information in place. Employees need to know where it is going to be stored, whether it's going to encrypted, and how is it going to be handled. Secondly, businesses should know how they're going to secure their customers' data during transit.
"This is a huge shopping season—this is a huge area for cybercriminals to really leverage especially this time of year," Wilhoit said.
When consumers receive emails, they should make sure the message is legitimate before clicking any links. "If users are aware of what emails are valid or not, that's going to go a long way in making sure that person's data security is held at the highest procedure," he said.
- Warning: Cyber breaches more likely over holiday break (TechRepublic)
- Special report: Cybersecurity in an IoT and mobile world (free PDF) (TechRepublic)
- APAC firms see clueless employees as biggest security threat (ZDNet)
- Cheat sheet: How to become a cybersecurity pro (TechRepublic)
- Mirai botnet attackers plead guilty for roles in cyberattacks (ZDNet)