Advisory: Security Measures for the Black Friday and Christmas

During the upcoming holiday season, Nostra wants to ensure that our customers stay safe while travelling and are extra vigilant online. With Black Friday sales campaigns and donations to charities in full swing, the time is perfect for spam emails, malware campaigns, and fake websites and charities.

What is the threat?

The holiday season is a perfect opportunity for bad actors to set up fake but legitimate-looking shopping websites to steal financial information as well as credentials of unsuspecting online shoppers. Calls can be masked to seem like they are originating from local areas, and requests are made for donations to charities. These fake charities may also falsely claim that donations made to them are tax-deductible to get more people to donate to them. For those travelling, it is important to keep in mind that use of public Wi-Fi networks could also cause your sensitive information to be exposed.

Why is this noteworthy?

Since the websites and calls can be made to look legitimate, it is difficult to tell what is real and what is fake. If a website set up for shopping is not encrypted, not only will there be an immediate financial loss on purchasing something that you will not receive, but your credit card details will be leaked and could be used later. Remediating loss of financial information or stolen identities can be a long and tedious process. Keeping your Wi-Fi and Bluetooth settings ON will cause your mobile devices to be susceptible to being hacked and your personal information being stolen.

What is the exposure or risk?

Clicking on suspicious links or websites and entering your credentials or credit card details can lead to financial losses and identity theft. Security breaches are the most common results of credentials being stolen by bad actors. Just leaving your Bluetooth or Wi-Fi settings ON all the time can be enough for someone to steal your information without you actively doing anything.

What are the recommendations?

Nostra urges users to be cautious while browsing and shopping online. Pay extra attention to any unsolicited promotional emails that you receive, and do not click on anything that seems suspicious. Be wary of fraudulent social media pleas, calls, texts, websites, and door-to-door solicitations for donations to charities. When travelling, avoid using public Wi-Fi to check your financial information or make online purchases by entering your credit card numbers. Turn off your Bluetooth when you are not using it or make your device invisible to others if it must be ON.

If you believe that you have been affected in any way by any of the means mentioned previously, report the matter to the police, your banks and other financial institutions and the Federal Trade Commission. Taking timely action will help in containing the impact of any breach.

Refer to the links provided in the references below to know more about how to stay safe and protect yourself against the threats mentioned above.

References:

To know more about threats to look out for and safety measures to take, please refer to the following links:

• For safety measures, while shopping online, refer to: https://www.us-cert.gov/ncas/tips/ST07-001
• For preventing social engineering and phishing attacks, please refer to this link: https://www.us-cert.gov/ncas/tips/ST04-014
• To avoid scams while donating to charities, please refer to this link: https://www.consumer.ftc.gov/features/how-donate-wisely-and-avoid-charity-scams
• To avoid having your information exposed while travelling, please refer to this link: https://www.us-cert.gov/ncas/tips/ST11-001

If you have any questions, please reach out to savvi_support@nostra.ie