As the holiday season draws near, you’re probably doing a lot of shopping, and a lot of that shopping’s probably happening online. Unfortunately, that means that now’s a prime time for cybercriminals to carry out phishing activities. By phishing, we mean trying to steal your credit card and financial information, or passwords to important accounts, or getting you to download spyware. I know that I’m getting a higher amount of spam text and emails, and even robo-voice phone calls, and I’m not the only one. If you’re interested in a career in helping secure users against this stuff, it’s something you can earn through Centennial College’s Cybersecurity Program. But for now, here’s what to look out for around the holidays.
You can ignore any emails and texts about packages not being delivered
Hackers jump on current trends, and right now, a lot of us are waiting on gifts to arrive, which means the latest scam messages will tell you about a package not being delivered, or that it can’t be delivered without additional information, adding that you need to click a link to submit information to complete the delivery, or else it gets sent back. Let me tell you, if you get messages about this, you can always ignore them. You know why? If Canada Post, or Purolator, or UPS try to deliver a package to you, but can’t, then they’ll stick a physical paper notice on your door, or in your mailbox. Not every email or message you receive will be fake, but the real ones always come with that piece of paper, so you can safely assume everything else is a scam.
Beware of anything with a sense of urgency
This is true right now with package delivery scams, and it’s also true the rest of the year, when scammers will pose as an important organization like a bank, PayPal, the CRA, or some other provider you need to log into, like Netflix. They may tell claim there’s some sort of emergency, or your account or money has been locked, and that you need to enter your login information, by clicking on a link. The key thing is that it’s something you need to do right now, or else something bad is going to happen. This is another good way to tell that a message is scam, because the real organizations would contact you more directly, and wouldn’t use language designed to make you panic, or act quickly. The same goes for if there’s a prize, or a tax rebate, or cash to be claimed. The ultimate goal is to get you to click a link without checking. One reason they’ll try and induce that panic is so that you don’t think about it too much, and do something like:
Check the spelling and grammar
This is pretty simple. Be it an email, or a text message, if there’s even a single typo, or odd bit of grammar, or even strange phrasing, it’s fake. A real message from a company, shipping service, or the government would not have a single error in it. Be sure to check the disclaimers at the very bottom of the email!
Check the website directly, instead of clicking the link
Phishing emails will typically appear to be from popular retailers and shipping service, and want you to click a link. They’re usually fake, but if you really want to be sure, just ignore the link, and go directly to the website on your own. Amazon says there’s a problem with your shipment? Close the message, go to Amazon, and check on your end. UPS is saying they need to verify your information? Go to the UPS website without clicking the link, and plug in your tracking number yourself. Banking information locked? Close the message, and go to your bank’s website. Netflix account says it has issues? Turn your TV on, and log into Netflix. If there was really a problem (and there almost definitely isn’t), you could just fit it directly with Netflix.
Make Cybersecurity your business
Like it or not, Cybersecurity is everyone’s business. It’s something we all need to think about these days, whether it’s personal security, or the security of a business.
But there’s also an opportunity for you to become a part of that business, with a career in Cybersecurity, gained through Centennial College’s Cybersecurity program. This is a one-year graduate certificate program for students with a computer tech-related diploma or degree. Students learn how to protect networks and computers from malicious people and programs through our modern cybersecurity labs, turning you into a well-educated security professional, ready for a career in cyber security. But for now, stay aware this holiday season, stay safe, and think before you click!
Written by: Anthony Geremia