How to Mitigate Cyber-Attacks on Cyber Monday

November 23, 2022

Cyber security remains a priority for any organisation, and with increased online activity, comes increased risk.  Research into spending habits around Black Friday and Cyber Monday predict that UK shoppers will spend an estimated £3.95bn during this shopping sales event.  Whilst this is down almost 20% from the 2021 spend, due in part to the ongoing cost of living crisis in the UK, Britons are still anticipating spending an average of £190 per person on the sales.

With only 10% of shoppers planning to spend their money exclusively in-store, the majority of the almost £4bn spend will be made online.

Table of Contents

What does this mean for your organisation’s IT security?

Increased online activity and the fear of missing out on deals, can lead to careless user activity and lack of due diligence compared to normal online practices.  As an organisation, you can mitigate this risk through robust IT policies, cyber security systems investment and, importantly, educating and informing your staff through cyber security training.

How you can mitigate the risks of a cyber-attack in your organisation

Vero HR is on-hand to provide expert advice and support with creating or revising your current employee policies and can provide access to core online training modules in this area.

The rise of remote work has brought new challenges to employee safety, particularly when it comes to cybersecurity. Cyber Monday is a high-risk period for cyber attacks, and it’s crucial for employers to take steps to protect their employees’ personal and company data. However, it’s not just cyber attacks that employers need to be concerned about – they also have a responsibility to ensure their remote workers’ safety in general.

Hints and tips for online shoppers

Be on the lookout for ‘fake’ websites and check website security

One of the most common ways for cybercriminals to dupe customers online is to create copies of legitimate websites, that may look identical to the ‘real’ version but will be there to trick customers into giving away sensitive personal information, including bank details.  Although not fool proof, there are quick checks online visitors can do to lessen the risk and ensure they are using legitimate sites, such as looking out for common words being misspelled or links redirecting users to hidden websites.

Best practice will also state only using secure websites when online shopping and also helps to authenticate users are actually visiting authentic websites.  Users can check this easily by looking at the URL and checking that it starts HTTPS:// rather than simply HTTP:// and that it also shows a padlock symbol.  These checks confirm the website is secure and encrypted. Your anti-virus software should also be set to identify suspicious and compromised sites.

Watch out for ‘phishing’ emails

People are far more familiar with ‘phishing’ emails, but criminals are still able to cause havoc, by tricking users into giving up protected data and personal information which is used to defraud the user.

Business email compromise attacks are currently the biggest form of cyber-attack being dealt with by our cyber security colleagues.

These attacks are most commonly committed by attackers sending users correspondence online – which may look legitimate – but will ultimately redirect the user to an unsecure site or present them with a Microsoft or Google login pane, where users credentials such as a username and password are requested and subsequently compromised.  Emails often appear to come from people you may know, or a reputable Company, and will often have a message that suggests taking urgent action.

It is important therefore to remain extra vigilant and think;

Watch out for pop-up ads and links

When you are surfing the web, be on the look out for pop up banners and adverts – these can sometimes be legitimate but may redirect you to unsecured pages which leave you open to a cyber-attack.

In the same way as phishing emails, these are designed to trick recipients into clicking on harmful links or inadvertently entering privileged information.  You can follow some of the points above, looking to see if it appears genuine – often pop-ups will claim to deliver an offer which is time-limited and instils a sense of urgency.

Stay vigilant, and if it doesn’t look right – don’t click on it!


If your company would benefit from HR support or soft skills training in this area, Vero HR can help. We can provide you with dedicated HR solutions to effectively manage your workforce and assist with your small business HR requirements. Contact us to find out how we can help your organisation.

Sign up to our newsletter!