Awareness is the Key to Staying Safe on Black Friday

Awareness is the Key to Staying Safe on Black Friday

The millions of employees in Europe and North America who will shop online at work for Black Friday deals will put their companies at risk of malicious malware and hacking, too. But with some awareness, victimhood can be avoided.

T-Systems, the cyber-security arm of Deutsche Telekom, said that over 40% of people shop from their desks at work on Black Friday—yet the risks from employees being unaware of the threats from lax personal email security are clear. In T-Systems research into the cybersecurity practices of 2,000 UK employees, over a third said they don’t know that their desktop computer can easily be infected with a virus from an email.

It also revealed that only a third of employees have had cybersecurity training in the past year (34%) and nearly 30% never had it at all.

“This week we should all expect an influx of hoax emails amongst the many legitimate Black Friday deals,” said Scott Cairns, head of the UK Cyber Security Practice at T-Systems. “Many will contain malicious code or phishing scams in an attempt to use Black Friday as a cover to persuade people to open unsolicited emails. Businesses tell their employees not to use their office PCs for personal use, but many will ignore this because they don’t realize the seriousness of the risk from opening such emails.”

Straightforward steps employers can take to reduce the risk include warning employees of the different types of cyber-threats and highlighting the severity of a potential cyber breach; where possible, they should provide examples of what possible malware-infected emails look like so that employees learn how to spot a potential threat.

Cybersecurity training meanwhile should be made compulsory for all new starters, and all employees should have annual cybersecurity refreshers to combat the evolving nature of cyber-threats. Cybersecurity protocols meanwhile need to be followed throughout the company, and training and refreshers should not be exclusive for new or junior employees but all the way up to C-Suite executives.

Source: Information Security Magazine