12 security tips of Christmas

A christmas themed photograph of white background with Christmas tree branches, holly, ivy and mistletoe. Parmenion's Spotlight on Infosec logo sits in the middle

In our final Information Security article of 2022, Sarah Coles gets into the festive spirit and shares her 12 ways to stay safe online this Christmas.

1) Enjoy your holly-days with a secure out of office (OOO) reply

Set up different OOO replies for internal and external recipients, keep sensitive or personal details to a minimum, and avoid specifying annual leave.

2) Let the warning bells ring as you remind your loved ones about popular scams

Warn vulnerable family and friends about any new scams, like the WhatsApp and Amazon Prime scams we highlighted in our previous articles.

3) Yule be sorry if you don't back up your files - especially all those precious photos of your pet in their Christmas outfit

Backing up your files regularly means you won’t lose your data if your device is lost or stolen.

4) Love is all around, but your personal info won't be if you avoid connecting to a public Wi-Fi

Resist the temptation to use free Wi-Fi when you’re out and about. If you absolutely must use public Wi-Fi, always use a Virtual Private Network (VPN).

5) Stuff up attempts to ruin your Christmas spirit by signing up to identity monitoring

Protect your identity by registering for an ID monitoring service such as ClearScore. You’ll be notified if your information is available publicly or being sold on the dark web, and alerted to breaches.

6) Look out for bad Santa in online marketplaces such as Facebook, Gumtree or Vinted

If something sounds too good to be true, it probably is. When shopping for gifts, check seller profiles for user ratings, profile creation dates and reviews. Keep conversations within the platform you’re buying from and only use trusted payment methods. Bank transfers are commonly requested by fraudsters.

7) Oh deer - keep watch for package delivery scams

With many of us expecting Christmas deliveries at this time of year, scammers often send package delivery texts and emails to trick us into providing personal and payment information. Legitimate companies won’t ask for payment via text or email, contact the company directly if you’re in any doubt.

8) Have the final sleigh - check your devices' privacy settings before shopping

Make sure you can change the default username or password and apply security updates to your device. Disable unused features and review information being shared with third parties.

9) Make room at the log inn with a secondary guest network for your Christmas visitors

You can’t control what apps or devices your friends and family install this Christmas, so set up a separate guest network with a different password for them to use. Then, if an attacker compromise one of the devices connected to the guest network, they won’t be able to control your primary network. 

10) Last Christmas I gave you my password - use a password manager to make sure the very next day it's not given away

Criminals often sell compromised passwords found on the dark web – sign up to haveibeenpwned.com to see if your account has been breached. To stay protected, set unique passwords for each account. Using password manager will make this a lot easier.

 11) Time to spruce things up – enable Multi-Factor Authentication (MFA)

MFA is one of the simplest and most effective ways to protect your data. With MFA, a password alone won't be enough to access your accounts - learn more here.

12) Make a new year’s resolution - keep up to date with scams and threats

Sign up to the Cyware Weekly Threat Briefing newsletter for weekly updates about the top vulnerabilities and recent scams. And of course, I'll continue to share my Information security findings in 2023!

I hope you’ve found these articles useful this year, and wish you and your families a Merry Christmas and a very happy 2023.

This article is for financial professionals only. Any information contained within is of a general nature and should not be construed as a form of personal recommendation or financial advice. Nor is the information to be considered an offer or solicitation to deal in any financial instrument or to engage in any investment service or activity.

Parmenion accepts no duty of care or liability for loss arising from any person acting, or refraining from acting, as a result of any information contained within this article. All investment carries risk. The value of investments, and the income from them, can go down as well as up and investors may get back less than they put in. Past performance is not a reliable indicator of future returns.