As the calendar turns to February, we once again look forward to the holiday for lovers: Valentine’s Day. In 2021, it falls on Sunday, February 14th. Take the time to show the special someone in your life that they mean a lot to you on this day. Frequent Valentine’s favorites are roses, heart-shaped chocolates, and a dinner out on the town (socially distanced of course). Americans spent $27.4 billion on Valentine’s Day in 2020. Talk about a lot of flowers!
But while you’re busy planning the perfect date, cyber criminals are as active as ever. Holidays are a cyber criminal’s favorite time of the year, not because they’re looking for a date, but because they’re looking for your data! With all the spending going on during times like Valentine’s Day, consumers naturally let their guard down. People can get caught up in the excitement of ordering gifts for others and not be as vigilant as they should.
We believe you can have fun during the holidays and protect yourself from cybercriminals. It won’t take too much effort, and it will definitely be worth it. Nothing is worse than planning a special date and then having your credit card stolen or your computer hacked on the same day!
Here’s what cybercriminals are up to this Valentine’s Day and what you can do to stop them:
They’re going phishing
And we’re not talking about going out on a nice boat and working on your tan at the same time. No, this kind of phishing is not only spelled differently, it’s a lot less innocent. Around this time of the year, cybercriminals ramp up their efforts to make you feel the love, sending millions of dating spam emails. Attackers try to trick you into sending money, compromising photos for blackmail, or personal information for fraud.
So, what can you do? First and foremost, educate yourself and your employees on the dangers of phishing messages. Human beings consistently remain the hardest-to-resolve security issue for companies; we are always vulnerable to social engineering and even bribery. You can also protect yourself by investing in a cloud-based email solution with comprehensive spam protection that will keep suspicious emails from ever getting into your inbox in the first place. Finally, be sure to think before you click. Take a few extra seconds before clicking a link or sending money to ask yourself a few questions: Do you know the sender? What action are they asking you to take, and does it seem safe to follow through with it? Take a deep breath and analyze before going further.
They send you unwanted gifts
According to Check Point, in both 2018 and 2019, there was a 200% increase in the use of the word “Valentine” on malicious websites during the month of February. There were similar results for the word “chocolate,” too. The purpose behind using these keywords is clear: to lure in Valentine’s Day web traffic and to blend in among other legitimate websites. There is also malvertising, where malicious code is injected into legitimate online advertising networks. When ads are clicked, traffic can be rerouted from server to server and wind up delivering malware to a user’s device. Ads featuring those popular, Valentine’s-themed keywords are more likely to get attention and direct innocent romantics to dangerous sites.
The worst malware threats should be warded off by antivirus software. There’s also ad blockers you can enable for Chrome or your preferred browser that offer protection by blocking all ads indiscriminately. Together, these solutions can be an effective defense against malware from ads, but they both have to be installed, activated, and updated regularly to work as intended. Some sites, for example, require you to disable your ad blocker in order to view content. Forbes is one example of a site that does this. Disabling ad blocker in this case should be okay, but never allow a site to convince you to disable your antivirus.
They make you pay for dinner…and everyone else’s dinner
One of the most popular things for couples to do on Valentine’s Day is to go out to eat. That’s been made a little trickier since the pandemic started, but luckily there are still lots of restaurants open, albeit with reduced capacity. A particularly nasty attack goes after the point-of-sale (POS) systems of these struggling restaurants. Cyber criminals can remotely hack into these systems if they have weak or non-existent security, meaning they can be used to steal consumer data and even credit card information.
What can you do to prevent POS attacks? As with so many elements of cybersecurity, it begins with securing endpoints connecting remotely to the system. These remote access services need to be configured with strong passwords and even enabled with two-factor authentication. Firewalls and antivirus software are two other must-haves. And then there is remote monitoring software that can detect any unusual activity, such as a hacker inside the system extracting payment data. Michael Kan with ComputerWorld also correctly points out that end-to-end encryption is a strong impediment to would-be hackers. He adds that frequent penetration testing is invaluable to identifying and securing any vulnerabilities.
You’ve got mail-ware!
In recent years, there’s been an uptick in a fun new way to send greetings, well wishes, congratulations, or other messages to loved ones. With music, graphics, and cute animations, these online greeting cards can give you a chuckle. As with emails, however, these e-cards can come with their own nasty surprises; they can be vessels for malware and spyware once the sender tricks you into downloading them.
When it comes to stopping these e-card scams, you’ll want to educate yourself before the holiday is here. Here’s a quick rundown of what you want to look out for: you’ll get an email with an upbeat subject line to the tune of “someone has sent you a card.” Of course, it doesn’t say who sent it, which should be an immediate red flag. The fraudulent email will also have a link or an attachment along with a convincing logo from a greeting-card company like Hallmark to look extra convincing. Authentic e-cards will include a code you can use to open it on the company’s website; look for this code, navigate on your own to the website, and punch in the code to see your card. Of course, you should also be running antivirus software and updating it (and your computer) regularly to stay safe. Now, go open some actual love letters!
They try to catfish you
Love may be in the air, but so is fraud! Your heart is on the line this Valentine’s Day, so don’t let yourself be fooled by any internet-savvy tricksters out there. You may be looking for love, but these people are looking for your assets (no, not those ones). Here’s how scammers try to get you. We’ve already seen the typical phishing attacks and e-card scams. These scammers can reach out to you in similar way over email, but they can also engage you on social media sites and dating apps. Some scams are a lot easier to catch than others: links, downloads, typo-riddled messages—these are all giveaways that the person on the other end may not have your best interests at heart (except that last one—some people just can’t type to save their lives). Then there’s the trickier scams where the person actually takes the time to develop a phony relationship with you. But the minute they start telling you how they’re hurting for money—and hey, if you could just lend them a $1,000 for their mom’s surgery, they’d be sure to pay you back on pay day—that’s when you know you’re being used.
So besides looking out for these signs, here’s a few small things you can do to protect yourself from romance scams. First, be sure to keep yourself as anonymous as possible online. Don’t share your personal information and consider using a VPN for additional privacy.
Before jumping the gun and sending money for someone’s mom’s surgery, take a step away from your device to consider if you’re being used. Valentine’s Day can be a great time to find someone, even during a pandemic, but it is never a good time to get scammed. If you think things are going well with somebody, consider going on a Zoom date to get to know the person better and to confirm they are the same person from their photos. If the person refuses but continues to ask for your money, you could be getting catfished.
Feel the love
All of these scams have the same things in common: don’t click on links that have an unfamiliar sender or that look suspicious, and only buy from sites you know and trust to be authentic. Remember, cybercriminals will pose as just about anyone to get you to trust them or act quickly so you don’t realize you’re being tricked. A brief lapse in judgment is all it takes for a thief to steal your information or hack your accounts.
Spend Valentine’s Day with the one you love, not with some would-be hacker. Following the advice we’ve laid out will give you peace of mind knowing your data and your wallet is safe. Now, who wants to buy some discount online roses?
