Contact Us
Item added Item updated Item removed No more products on stock You entered wrong value.

No products in the cart.

Item added Item updated Item removed No more products on stock You entered wrong value.

No products in the cart.


Cyber Monday Scams: How to Prepare Your Team for 3 of the Most Feared Threats

November 21, 2023
Posted by Andre Marion
Cyber Monday Scams: How to Prepare Your Team

Get ready for a story about a cyber snowball of epic proportions:

2013. Sharpsburg, Pennsylvania. Leaves are getting rusty and falling from the trees, temperatures are starting to dip below the 50’s. It’s cold, with a gentle breeze outside. Autumn is looking great so far, and Thanksgiving is approaching. 

An employee from an HVAC company sits behind his monitor. Black Friday and Cyber Monday are right around the corner. So, he’s using some of his free time to browse the deals online.

He comes upon an ad for a discounted product, clicks it, and receives an email with a link. He clicks the link

Unknowingly, he has clicked on a malicious link, infecting his computer with malware, allowing hackers to access his company's network. The attackers steal credentials and customer data, including names, addresses, phone numbers, and Social Security numbers.

This unspectacular event from the little-known company would wind up playing a major role in a devastating cyber attack, affecting millions of Americans and costing one of the biggest retailers sales and a decline in its stock price. Oh, and the CISO her job.

It happens that this particular HVAC company was a contractor of Target, the US retailer with nearly 2,000 stores. After infecting the company’s network, the attackers expanded their target to the HVAC’s customers, including Target itself, and were able to use stolen credentials from the contractor to gain access to Target’s network, seizing the personal and financial information of millions of Americans. 

It’s the famous Target breach. Ultimately, cybercriminals were able to steal 40 million credit and debit records and 70 million customer records. In addition to reputational damage, Target’s net earnings dropped from $1.47 a share the year-earlier holiday quarter to 81¢ a share. 

The scenario for Cyber Monday 2023

A year ago, Americans set a new record for shopping online, spending $11.3 billion on Cyber Monday, more than any other shopping day that year.

Look for a new record this year., By some estimates, consumers in the US alone will spend $13.7 billion online. Last year, the average American spent between $113 and $147 on Cyber Monday.

Online shopping Awareness

Safe online holiday shopping

Help your team to be smart and stay safe when shopping online with this helpful PDF branded for your company

This PDF guide includes tips on how to:

  • Identify and avoid fake ads and websites
  • Choose trusted retailers
  • Evaluate online reviews
  • Pay safely and securely
  • Protect their personal information

See it in the Aware Force Cyber Library

What cyber threats to look out for during Cyber Monday 2023

Here are three of the most common Cyber Monday scams to keep in mind this year and how to spot and avoid them: 

Fraudulent websites and online stores

Criminals create fake online stores or spoof real ones. These websites — often online for only a matter of hours — are designed to steal personal or financial information or to trick users into buying non-existent products.

How to spot and avoid fraudulent websites:

  • Double-check the website’s URL. The spelling of a fraudulent website could be similar to the real thing (or sometimes, the address is shortened or lengthened so it makes no sense) and could be spelled using a ”.net” domain instead of ”.com.”
  • Look for signs that the website is fake, such as poor grammar, low-quality images, or prices too good to be true.
  • Ensure the website has a URL starting with “https” — an indication that the website is secure. This is becoming less of an indicator, though. 58% of fake websites are now encrypted.

Fake delivery scams

Fake delivery notifications or order confirmations are sent to shoppers, claiming an issue with the shipment: a delay, a missing package, or a fee. The scammers then ask the shoppers to click on a link, call a number, or reply with personal or payment information to resolve the issue.

How to spot and avoid fake delivery scams:

  • Don’t follow email links: Visit the website directly 
  • Check the sender’s details: Scammers often use email addresses similar to legitimate organizations but with slight variations.
  • Install reliable security software on your personal devices: security software can protect you from phishing attempts by blocking malicious links.

“Too good to be true” Ads

They will be all over social media and blogs: flashy ads with impossibly low prices. Often, these ads take the user to fake websites. 

How to spot and avoid fake ad scams:

  • You know the deal. If it seems too good to be true, it probably is.
  • Confirm an ad by going directly to the retailer’s website without clicking the ad.

Other scams to keep in mind

A few other scams that you can expect to hit the online shelves this autumn are:

  • Counterfeit voucher and coupon websites
  • Fake charity fundraiser scams
  • Phishing scams
  • Fake cash app payments
  • Gift card scams

How do you keep employees alert and protect the company?

Cybersecurity awareness is crucial during the holidays. Creating and maintaining a cybersecurity awareness program is challenging and time-consuming.

Right now, organizations should engage employees with helpful, time-sensitive content.

  • Drop the boring tech talk! Cybersecurity awareness is interesting! Your content should be educative and empowering. 
  • Foster good communication and trust between your cybersecurity experts and your workforce (most of whom are not technically oriented).
  • Continuously educate yourself and your teams about the latest cyber scams. There is always something new, interesting, and dangerous out there. 

Too busy to take care of your daily workflow to focus on educating your workforce?

Aware Force is here. We deliver timely, relevant content year-round — branded and tailored for your organization, reinforcing your team’s role as subject-matter experts.

Aware Force’s content is easy to use and ready to integrate with your existing cybersecurity programs.

It’s ideal for intranets, websites, internal social media, and your onboarding program.

We’re standing by to show you truly innovative ways organizations use Aware Force to engage their employees. (And the employees let them know how much it’s appreciated!)

Get the latest insights in cybersecurity. Subscribe to the Aware Force Cyber Blog
Insightful cyber news, fresh ideas for engaging your employees and more.
Let's connect!
Learn innovative ways organizations are using Aware Force.
(470) 448-3887
Contact US

© 2024 Aware Force LLC - All Rights Reserved - Privacy Policy
usercartmagnifiercross linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram