This year, retailers are anticipating a high volume of shoppers and are promoting their offerings through a flurry of digital messages.

As your employees wade through the influx of potential purchases, your organization’s cybersecurity risk increases with every opened email.

To help protect against these vulnerabilities, here are three actionable tips that can be the difference between a cyber attack and a regular day at the office.

Update Security Software Ahead of Holidays

Is your antivirus and security software up-to-date?

Security software providers release continuous updates to address evolving vulnerabilities. To ensure your organization is protected against any potential threats, you must:

  • Install the latest antivirus
  • Install all operating system patches
  • Install latest web browser versions across your organization

By ensuring that these three systems are current, you make an impactful step toward ensuring that your available defenses are in place.

Educate Your Workforce About Phishing Attacks

Phishing attacks are sophisticated and can come in the form of an email, a tweet, or a direct message on social media.

In fact, 33% of cyber incidents begin with a phishing attempt.

The holiday season has historically seen an increase in phishing attempts, including emails and messages offering last-minute deals and prizes that can lure your employees into following a malicious link.

This year, Twitter users have experienced a sharp increase in phishing attacks, a trend that will only continue as we move closer to the holiday season. These phishing attempts include the standard fake charity donation sites and exclusive-access sales, as well as attempts to steal Twitter credentials.

Gaining access to verified accounts with larger audiences enables hackers to encourage followers to engage with malicious content and to exponentially expand and amplify existing phishing attempts.

As a cybersecurity professional, you’re well aware of the many ploys used by malicious senders. That awareness, however, may not extend across every role at your company.

While some may view employees as a vulnerability, they can be a crucial line of defense in the war against phishing. It is important to create a system that allows users to share phishing emails with your security team quickly and easily.

This system could be something as simple as asking them to forward suspicious emails to “[email protected].” You also want to ensure users feel safe reporting phishing, even if they clicked a link. If you take a “blame the user” stance, employees will be less likely to report phishing attacks that could have made it past your filters and defenses.

Proactively Prepare Your People

While implementing phishing attack training can serve as a reactive threat defense, you need cybersecurity solutions that are reactive.

When you partner with Immersive Labs, you can respond faster to cyber incidents with pressure-tested teams that regularly practice responding to real-world crisis scenarios.

From identifying skill gaps to improving incident response times, Immersive Labs enables you to gain visibility into your current people-centric cybersecurity posture and measure improvement over time.

To learn more about how Immersive Labs delivers people-centric cybersecurity solutions that can protect you against threats today and tomorrow, click here.

Check Out Immersive Labs in the News.


December 1, 2022


Kevin Breen

Director Cyber Threat Research