Awareness is key – Why Black Friday can be a disaster for IT security

The holiday season is here, which not only means a lot of shopping trips, but also an increase in online activity. Black Friday is the perfect day to grab a great deal, but it’s also when cybercriminals seize the opportunity to exploit the increase in online traffic and decrease in user vigilance. Blurring the line between the personal and professional use of devices poses a serious security risk for organisations and IT departments often unintentionally find themselves in the line of fire.

Commercialism and digital vulnerability.

Black Friday sees phishing attacks taken to a much more aggressive level with cyber criminals seizing the opportunity to capitalise on the shopping frenzy to increase the number of attacks. That means that e-mail you received from the well-known brand may not be from them at all. Employees who hunt for bargains on their business devices or use their business e-mail addresses are at risk of clicking on a phishing link, which can lead to malware infections such as ransomware. The result can be enterprise-wide attacks that hold valuable data and business processes hostage with far-reaching implications ranging from downtime and lost productivity to data breaches and damage to a company’s reputation.

The IT security challenge – Balancing the personal with the professional

It’s becoming increasingly difficult to separate personal and professional use of devices and e-mail addresses as employees work from multiple locations, creating vulnerability in the IT environment. One risk is posed by using business devices to make private purchases. If an employee receives a deal to their personal e-mail address and opens it on their work device, they can cause a malware infection to quickly spread throughout the corporate network. Phishing attacks targeting login credentials can compromise business accounts, allowing attackers to access corporate information and launch further attacks within the organisation’s network.

Awareness as the first line of defence

Technology alone isn’t enough to overcome these risks. While tech-based security measures such as e-mail filtering and endpoint protection are essential, raising awareness among employees is the key to stopping phishing and malware in their tracks. We offer phishing simulations and run awareness campaigns to open your employees’ eyes to the risks presented by days like Black Friday. Our courses focus on identifying suspicious e-mails and building an understanding so that employees can separate professional and personal devices and e-mail addresses.

A spotlight on Black Friday.

Days like Black Friday call for a growing need to focus on security. IT departments can run phishing simulations to help employees detect fake offers, but it’s also important to have clear guidelines on using business devices for personal purposes as this will significantly minimise risks and prevent company’s IT infrastructures from being exposed to attacks originating from a staff member’s private life.

Conclusion – Leveraging technology and raising awareness as the keys to success

Major shopping days such as Black Friday can pose a serious threat to organisations’ IT security and using business devices and e-mail addresses for personal reasons makes a company more vulnerable to cyberattacks. The impact of a successful attack can be significant—ranging from a malware infection to the loss of business-critical data. The solution? Combining technology and awareness. IT departments must optimise their security systems and make employees aware of the risks, training them in how to be safe online—critical during periods such as Black Friday. Businesses that take this challenge seriously can better protect themselves against growing threats.

Want to find out more?

Nicholas Baker

Solution Consultant Security

T +31 8870 784 60
nicholas.baker@bechtle.com / security.nl@bechtle.com

Joris Rooijackers

Solution Consultant Security

T +31 631 149517
joris.rooijackers@bechtle.com / security.nl@bechtle.com