• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Four Tips to Fight Malware on Black Friday and Cyber Monday

November 14, 2014 By The Editor

13904995945_7612901f95_z

Black Friday and Cyber Monday continue to be spectacles. Brick and mortar stores are now opening on Thanksgiving Day, and Cyber Monday deals are extending through the following week. Amazon.com is getting into the game even earlier, declaring November 1 as the new official start of the holiday shopping season. As these holiday shopping deals begin to appear, more and more workers are shopping online while connected to corporate networks. This puts them at risk to find more than just holiday deals on the web – many will fall victim to holiday malware.

It’s no secret that malware is a growing concern for corporate networks, and increased non-business traffic during the holiday shopping season compounds the issue – especially as major deals and discounts become competitive. The result creates an ideal environment for email and web-based phishing attacks that lead directly to malware.

A prime example is a rise in FedEx and UPS email phishing attempts during the holiday season. We’ve all seen the emails. “Your package has shipped. Click here to for tracking information.” Only, the link doesn’t lead to FedEx or UPS – it leads to malicious malware. These email phishing attempts are prevalent enough that FedEx and UPS both now offers samples of the latest attacks for consumer awareness.

Screen Shot 2014-11-03 at 2.13.19 PM

It’s no surprise that security threats increase dramatically during the holiday season and are planned to coincide with Black Friday ads and Cyber Monday shopping. Will your security controls and protocols be ready? To help prepare, keep these four tips in mind:

1 – Signature-Based Antimalware May Not Be Enough

Attackers today morph their malware regularly to allow the same threat to repeatedly get past signature-based antivirus and antimalware solutions. WatchGuard still recommends you use antivirus and antimalware as a layer of defense against high-threshold malware. But, you also need modern antimalware solutions that can catch botnets, Trojans and worms that have never been seen before (without waiting for new signatures). Consider sandbox or payload analysis solutions like WatchGuard’s APT Blocker.

2 – Change Control Lockdown

Many organizations are locking down their change controls even further during Black Friday, Cyber Monday and throughout the holiday season. Some even hold out until February 14 and the Valentine’s Day rush. Reviewing your configuration and making necessary changes now can put you in a better position to handle any malware issues – or even prevent them from happening in the first place.

3 – Block Malware Control Connections

Even if you have great technical defenses, advanced threats can find a way to walk right through them. You need security solutions that can detect malware that has breached your perimeter – tools that can monitor outgoing traffic for malware connections to command and control channels. WatchGuard’s WebBlocker, for example, can prevent advanced malware, botnets, Trojans and worms from reaching their control servers. The result can defang these potentially dangerous threats even after they’ve reached your organization’s computers and network.

Also be sure to review your firewall security policies to find any unexpected traffic leaking through policies. PolicyMap in WatchGuard Dimension provides a quick and easy visual of policy use (and effectiveness) on your network.

4 – Stay Up-to-Date

Review and update your security policies frequently. Security threats appear and evolve rapidly, and malware is particularly slippery during the holiday season. You need to stay up-to-date on the latest leaks, fixes and patches. We provide a weekly overview on our blog. Subscribe to receive email updates and you’ll receive each update in your inbox.

Make sure your workforce can make the most out of Black Friday and Cyber Monday without jeopardizing critical network systems and data. Malware is a gift that no one should receive.

Share This:

Related

Filed Under: Editorial Articles

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • Here Come The Regulations
  • Cybersecurity’s Toll on Mental Health

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use