Black Friday is traditionally the day after Thanksgiving in the USA, which marks the start the holiday season. In recent years it has also become a day full of special shopping deals and big discounts both on-line and in-store.
Due to the internet, Black Friday has now spread across the globe and has since led to Cyber Monday – a marketing term for e-commerce transactions on the Monday after Thanksgiving.
In 2022, the dates fall on Friday 25 November and Monday 28 November and experts predict consumers in the UK will spend a total of £8.71 billion over the course of the Black Friday. The cost of living crisis could lead to reduced spending, but equally, more may try to access deals to save money, and even more importantly – those desperate for money may turn to cybercrime to make an income!
What is the risk to businesses?
As Friday and Monday are traditional working days there is a risk that your employees may use work IT equipment or use their own devices to connect to the internet via a workplace IT network in order to access the huge range of enormously discounted goods.
As we all know, cyber fraud is increasing in prevalence and these con artists will be trying every trick in the book to capitalise on the distracted mindset of the frenzied shopper to send victims links to offers that look like they are genuine, when in fact their sole purpose is to steal data or infect systems with viruses.
If you allow your employees to use company IT equipment or IT network to shop for deals, this could leave you vulnerable to attack.
As a business you should already have a well-documented IT Policy and have ensured your staff fully understand the terms and conditions of use for company IT equipment.
In the lead up to Black Friday and Cyber Monday it is worthwhile reminding them of this policy and the enhanced dangers and fraud risk that accessing deals online may have on by using both company and their own personal IT equipment.
Typical scams and precautions include:
- Fake offers that look like genuine emails or websites – if you see an offer go direct to the real retailers website by manually typing their url in the web browser
- Phishing – avoid clicking links in emails
- Only buy from brands you trust and respect and double check the website url is correct
- Be aware of form jacking – when entering name, address or payment details in a form ensure the url is correct
- Be wary of pop ups warning you that your computer is now infected
Remember if a deal looks too good to be true – it probably is!
Whilst most businesses will have conducted a risk management review in order to mitigate against the threat of a cyber attack affecting their company, most businesses now have specialist cyber insurance to help them with financial costs and any potential liability claims.
The main aim of a cyber-attack is to hack into your IT systems to steal or restrict access to data or disrupt operations. Very often a ransom fee to requested to restore access. The resulting damage can be devasting as businesses have to deal with business disruption, lost revenue and litigation.
We read reports on a daily basis about companies of all sizes becoming a victim of cybercrime which proves that no-one is 100% immune to the risk and impact of a cyber attack. As a result, cyber liability insurance has become an essential component in most risk management and insurance programmes.
Cyber liability insurance policies are tailored to meet your company’s specific needs and can offer a number of important benefits, including the following:
- Data breach: If your company becomes the victim of a data breach you are required by law to notify affected parties. Cyberinsurance will help you mitigate the cost of these activities.
- Business interruption: A cyber-attack can lead to an IT failure that disrupts business operations. Cyber Insurance may cover your loss of income during these interruptions.
- Ransome attacks: Ransomware and similar malicious software are designed to steal and withhold key data until a fee is paid. Cyberinsurance will help you determine the best way to restore data.
- Investigative support: Best practice after a cyber-attack is to investigate the security breach to determine the extent of the damage and what led to it. Cyber insurance may reimburse for costs related to forensic investigation and getting expert advice and 24/7 support from cyber specialists.
It is worth bearing in mind that general liability policies don’t always protect from losses related to data breaches. By having a specialist cyber insurance you will have peace of mind that in the event of an attack the financial and reputation of your company is protected.
If you would like more information about cyber insurance please get in touch.