Awfully Scary, ‘Tis the Season to be Wary

spam_zombie2And just like that, Christmas is nearly upon us. Those of you who reside in the shimmering world of technology may be taking a moment to sigh relief, as you made it through another year without a total meltdown. Others, however, are popping Advil as they try to deal with the result of users who just don’t know how to restrain themselves from clicking links. Dreamy tales of sugarplum fairies and eight tiny reindeer are hijacked by nightmares of malware, Trojans and botnets, and like The Chipmunks, IT administrators squeak out, “we can hardly stand the wait, please get the damn holidays over with, already!” Okay, it doesn’t rhyme, but at this point, all some people want to do is hunker down with a giant vat of egg-nog and ride out the spam storm.

We’ve seen a tumultuous year in spam, with stories of companies getting slammed for poor behavior. The threats are everywhere, especially during the holiday season, which begins earlier each year. And it doesn’t stop with spam, because as all good IT people know, the interconnection between everything creates a web of risks that threatens to topple us on just one thin strand. Thanks to the likes of Target, for example, we lose faith entirely in any kind of secure transaction processing. The US retailer somehow let 40 million credit card numbers get out in the wild, and that was over a three week period at the most treacherous time of the year for information breach.

Taylor Amerding of CSO writes about the dangers this week at PC World, pointing out that “millions of spoofed emails are already clogging inboxes, purporting to be from online retailers or shipping notifications from FedEx, UPS, and others. Cyber criminals are all over social media sites, trying to get you to click on links from your “friends,” or to open up fake e-cards. Or, they’re trying to scam you into purchasing fraudulent gift cards for unbelievably low prices.”

As we’ve pointed out before, the risks during the holiday season are a minefield littered with broken glass, and you can’t find a pair of shoes to save your soul. People often lose their minds this time of the year, hyper-focused on family stress, travel stress, money stress, and the holiday blues as the long cold winter sets in. There’s been plenty of research to suggest that IQs lower as stress increases, so don’t assume that you’re going to be as alert to the wily ways of spammers and hackers this holiday season. So if you’re an IT admin, don’t assume that the users which you educate and protect over the course of the year are all there this time of the year. The holidays can do strange things to people.

Amerding also addresses the risks associated with mobile devices, a new wrinkle that didn’t really exist for us even a few years ago, if you consider that these devices, their high speed connections and sophisticated apps are now in the hands of the everyman, and that those devices have only recently begun to reach their true potential. There’s been plenty of backlash of late about how the apps collect data, often data that they have no place collecting. Only this week, Google managed to tick off a few people when it announced that it was removing a key privacy feature from Android, backing it up with the lame claim that the software was only a beta app whose inclusion was accidental and wasn’t supposed to be in Android 4.3. Yeah, right.

WiFi is an issue, too, with busy malls packed to the gills with frantic shoppers looking for last-minute deals. It’s not a stretch to imagine that the most enterprising hackers – like the types that nailed Target over a three week period – are hanging out at your local Starbucks or in the food court at the mall, just waiting for those of us who just can’t help ourselves when we connect to a public hotspot. Amerding points out that public WiFi “spawned yet more revised versions of holiday jingles like, ‘You better watch out, you better not cry, you better not use that public Wi-Fi…’”, and “Anyone who enters user names, passwords or credit card numbers while using such a service is asking for trouble.”

CSO has a brief yet good primer for those who need a reminder of the risks associated with the holidays. You may want to send everyone a gentle nudge. And above all, stay safe this holiday season.

Leave a Reply