Audio Posts

Holiday shoppers beware: Ransomware can be just 1 click away

(KXAN) — One wrong click is all it can take for a hacker to lock your files or account and demand money.

“We got an email from someone. And we accidentally clicked on it — it looks legitimate. We clicked on it. And then it was a hacker, and they asked us to give them ransom, or they threatened to delete our account,” Amanda Wadsworth, co-founder of Tiny Pies, a small business in Austin told KXAN News.

Ransomware attackers can also threaten to reveal customers’ information on the dark web, and there’s a lot of that data right now.

“Organizations are managing about 10 times more data than they were even five years ago,” said Bobbie Stempfley, vice president and business unit security officer for Dell Technologies.

“It’s an astronomical amount of data,” she added.

She said there’s been an increase in attack attempts. In fact, she said businesses like Dell have to fend them daily.

“It’s an environment where, when you put in better protections, the threat actors work to find better ways to go work around those protections,” Stempfley said.

She said Dell is constantly doing training and simulations for employees throughout the year so they don’t fall for ransomware attacks like phishing — when hackers try to lure you via email to click on a fake link.

Holiday shoppers beware

Security company Tanium said attacks like these increase during the holiday shopping season, as hackers try to capitalize on the surge of people surfing the web for deals.

“You’re going to potentially want to look for people impersonating your brand, by stealing websites or sending out emails,” said Melissa Bischoping, Tanium endpoint security research director.

It’s not just companies that hold your data that need to watch out for attacks, Bischoping said. Shoppers should be aware, too.

“Be aware when you receive an email, maybe advertising a holiday sale. Check and go through the official app or the official website that you trust versus just clicking on the link in the email,” she explained.

She said another common holiday scam is through botnets, which grab up inventory for some of the most in-demand products so they can sell it at a markup.

Bischoping said technology has made it easier for hackers to strike.

“It’s much easier than ever for threat actors to enter the marketplace by buying these sorts of pre-built kits to deliver their malware or set up their own botnet. And that does contribute to us seeing more activity,” she said.

It all lines up with the busiest time of year for your favorite shops.

“Security staffing may be low for people who are on vacation and so the security operations team is running around like the elves at the North Pole, trying to stay ahead of the increased demand as well as the increased threat actors,” Bischoping said.

Security tips

  • If you get an email about a shopping sale, go directly to the company’s website instead of clicking on any links.
  • Keep an extra eye out this season on your credit card for potential fraudulent charges.
  • Use different passwords for different websites that you shop on, so if one company gets hacked, your financial information won’t be misused at another company.