5 Valentine’s Day cyberthreats you need to protect your business from

5 Valentine’s Day cyberthreats you need to protect your business from

Every February, online activity increases because of people looking to buy Valentine’s Day gifts for their loved ones. Sadly, cybercriminals are looking to break hearts instead by creating Valentine's Day-themed cyberthreats that affect both customers and businesses. Let’s take a look at the top five threats this month of love. We'll show you how they work, as well as ways to protect your organization from them.

1. Fake order confirmation emails

This scheme involves cybercriminals sending people fraudulent email confirmations for Valentine’s day gifts purchased from legitimate stores. While the email’s invoice attachment doesn’t contain malware, it contains a link that when clicked on, displays a page that imitates a legitimate online store.

If a user wants to find out why they were sent an invoice when they didn’t place an order, they might head to the website’s “Contact us” page. Once they do, however, they would be redirected to a page that will download an Excel sheet containing a macro. If the user enables macros, the file will download malware that can result in data theft or corruption.

If you regularly receive confirmation emails, refrain from opening them unless you are expecting them. Also, before you click on any link, check the target address by mousing over it. Lastly, do not enable macros on Office documents unless you trust the source of the file.

2. Malicious ads

Threat actors may also place legitimate-looking Valentine’s Day gift store ads on websites like Facebook, YouTube or Google. If a user clicks on an ad, however, they would be redirected to a malicious website that will either corrupt or steal their sensitive data.

To protect your business from such malware attacks, only click ads from established eCommerce platforms like Amazon, eBay, and keep your antivirus programs updated. Once an attack is detected, an antivirus will immediately block it. Finally, implement multifactor authentication (MFA). MFA requires account owners to enter another proof of their identity aside from a password like a one-time passcode, security key, or a fingerprint scan. So even if a cybercriminal gets a hold of a user’s login credentials, they won’t be able to access the account without providing the subsequent authentication factors.

3. Point-of-sale (POS) malware

According to Comodo Cybersecurity, one of the greatest Valentine’s Day cyberthreats is POS malware. This infiltrates compromised or improperly secured POS terminals and scans the random access memory to steal payment information. The data is then sent to a server where cybercriminals can use it to commit financial and identity theft.

Prevent your POS terminals from getting infected with such malware by allowing only specific apps to run in them. Install a firewall to block cybercriminals from gaining access to your network. Keep your programs updated as well to prevent attackers from exploiting software vulnerabilities to infiltrate your network.

4. Fake love letters

Cybercriminals also exploit Valentine’s day to spread ransomware. Back in 2019, researchers identified malicious emails with subjects like “This is my love letter to you,” or “Wrote my thoughts down about you.” The emails contain a ZIP file which, when unzipped, would infect the victim’s system with ransomware. Cybercriminals would then demand $2,500 per victim.

Protect your business from ransomware by staying away from suspicious websites and refraining from opening unsolicited emails. Also, keep copies of your important files in off-site servers or external storage devices like external hard drives and memory cards. Because these data backups are not connected to your IT network, they cannot be infected by ransomware. Make sure all of your programs are updated to prevent ransomware from exploiting software vulnerabilities.

5. Romance scams

Many people use dating apps or social networking sites to find a partner. But instead of finding romance, some encounter scammers looking to steal their money or sensitive information. In fact, the FBI received more than 1,800 romance scam complaints in the first six months of 2021, resulting in losses of more than $133 million.

In romance scams, cybercriminals create fraudulent dating profiles using stolen photos and data, then build an online relationship with their victims. Once trust is established, they will fabricate a health issue or family emergency, and ask the victim to send money. If the latter falls for the scam, the fraudster may ask for more money or stop responding to messages, leaving the victim emotionally and financially devastated.

This is why you need to be careful when interacting with strangers online. Remember to never send money or personal information that can be used for theft. If the person you’re talking to asks for your banking information, block them immediately.

Show some love to your business by ensuring that it’s always protected against cyberattacks. Founders Technology Group can help! We will provide round the clock network monitoring to detect and resolve threats before they disrupt your business. To learn more about our services, book a complimentary consultation today.