24 Security Lessons to Remember This Holiday Season


Cybercriminals run rampant during the holiday season. For them, it’s the busiest and most profitable time of the year. Your security team may be out on PTO, employees may be distracted by year-end activities, and customers are more active online looking for holiday deals. These factors add up to the perfect storm for cybercrime.

Follow along with our series of holiday cybersecurity tips. We will be updating this blog daily and posting tips on our social media up until Dec. 24th. Think of it as an advent calendar, curated for security professionals!

We hope that this series will serve as helpful reminders to keep up cybersecurity best practices during the holiday season.

Starting off with the first lesson:

#1. If a malicious site comes back online, you should know about it. Continuous monitoring is key this holiday season (and always).

Taking down phishing sites can take up a lot of time and resources. Don’t let your efforts go to waste! Continuous monitoring, and knowing when a malicious site pops back up, is KEY to ensuring the safety of your brand and customers.

#2. Don’t let manual workflows dampen your holiday spirit. Save time & effort with an automated detection and takedown vendor.

Phishing & scam sites run rampant during holiday seasons. Instead of spending your time off manually fighting off fraudsters, use one of the many automated solutions that can take them down for you (wink wink: Bolster is one).

#3. Watch out for fraudulent sites using your favicon. Great detection is in the details.

Favicons: the little icons that represent a company’s brand, located at the top left of your browser tab.

Such a small detail is often overlooked when detecting phishing & scam sites. However, favicons can serve as a powerful signal in detecting instances of fraud on the internet.

Bolster’s AI is able to scan the internet for uses of your brand’s favicon (sort of like scanning a database for a fingerprint), using it as an entry point to locating fake sites.
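As an added illustration (not Bolster's code or method), the fingerprint idea can be sketched with an exact SHA-256 hash of the favicon bytes: find each crawled page's declared icon, hash it, and report hosts outside an allowlist that serve the brand's icon. The hostnames, HTML and icon bytes below are constructed sample data.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

class IconLinkParser(HTMLParser):
    """Collects href values from <link rel="icon"> and "shortcut icon" tags."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        rel = (a.get("rel") or "").lower().split()
        if tag == "link" and "icon" in rel and a.get("href"):
            self.hrefs.append(a["href"])

def favicon_url(page_url, html):
    """Declared favicon URL, or the conventional /favicon.ico fallback."""
    parser = IconLinkParser()
    parser.feed(html)
    return urljoin(page_url, parser.hrefs[0] if parser.hrefs else "/favicon.ico")

def fingerprint(icon_bytes):
    return hashlib.sha256(icon_bytes).hexdigest()

def find_impersonators(brand_icon, allowlist, crawled):
    """Hosts not on the allowlist whose favicon is byte-identical to the brand's."""
    want = fingerprint(brand_icon)
    hits = []
    for page_url, html, fetched in crawled:
        host = urlsplit(page_url).hostname
        icon = fetched.get(favicon_url(page_url, html))
        if icon is not None and fingerprint(icon) == want and host not in allowlist:
            hits.append(host)
    return hits

# Constructed sample data: (page URL, page HTML, {icon URL: icon bytes}).
BRAND_ICON = b"\x00\x00\x01\x00constructed-brand-icon-bytes"
CRAWLED = [
    ("https://example.com/", '<link rel="icon" href="/static/fav.ico">',
     {"https://example.com/static/fav.ico": BRAND_ICON}),
    ("https://examp1e-login.test/signin", '<link rel="shortcut icon" href="img/f.ico">',
     {"https://examp1e-login.test/img/f.ico": BRAND_ICON}),
    ("https://unrelated.test/", "<html><head></head></html>",
     {"https://unrelated.test/favicon.ico": b"constructed-other-icon"}),
]

if __name__ == "__main__":
    print(find_impersonators(BRAND_ICON, {"example.com"}, CRAWLED))
```

An exact hash only matches byte-identical copies; a resized or re-encoded icon needs a perceptual comparison instead.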

#4. Don’t depend on blocklists to identify threats. Attackers avoid the naughty list for a reason.

Blocklists can be useful as a rudimentary approach to protecting your organization against phishing scams. BUT be careful not to depend on them as your only security measure. With new fake domains popping up each day, it’s easy for cybercriminals to avoid these lists.

Supplement your defenses with an automated solution that scans for fraudulent domains on the internet 24/7.

#5. Job listing look too good to be true? Watch out for fake recruiter profiles and job posts!

Looking for an #URGENT position to be filled! #WFH, unlimited #PTO, 120k compensation with #benefits, entry level, no experience needed!

Sound too good to be true? It probably is. Be wary of fake job listings from scammers looking to take advantage of jobseekers in this economy. Recruiter’s LinkedIn profile look fishy? Trust your gut!

Companies: keep job seekers and employees safe by taking down fraudulent profiles. Bolster, Inc offers 24/7 social media monitoring and takedown solutions.

#6. Register typosquat variants of your domain to prevent future phishing sites. #preventioniskey

Don’t let cybercriminals take advantage of unregistered lookalike domains. Take preventative action to protect your brand today!

Bolster’s defensive domain registration feature helps users identify and register the highest risk typosquatting domains & monitor the rest 24/7 for malicious activity.

#7. The Digital Risk Protection market is highly fragmented. Give the gift of a platform this season.

Does your IT team deal with an overwhelming number of 3rd party security tools? Tool sprawl not only increases your overall response time to threats, but also makes your organization more vulnerable to attacks by decreasing your team’s visibility.

Give the gift of an all-in-one platform to your team this holiday season. Consolidate up to 5 security tools with Bolster; take action on the threats that matter.

#8. Most dark web monitoring tools belong on the island of misfit toys. Logs, logs, logs. #endlogtoil

The dark web can be a good source of cyber threat intelligence for your organization. Criminals gather on the dark web to exchange information and stolen data, which can be good early indicators of attacks.

You need a good dark web monitoring tool to help sift through the endless amount of data. Bolster’s solution provides actionable insights that make a difference to your organization.

#9. Security teams need extra hands every holiday season. Give the gift of 24/7 support (holiday cheer included).

Cybercriminals don’t adhere to the typical 9-5 business hours. Cybercrime happens 24/7 unfortunately – and all around the globe.

Bolster’s AI never rests. Monitor and take immediate action (this is key) against cyber threats 24/7 365 days a year. Need some extra support? Bolster’s experts are also available around the clock with our Premium & Platinum support plans.

#10. If you’re manually uploading evidence for takedowns, you’re in need of a holiday miracle — automated takedowns.

A couple of must-haves when reporting a website to get taken down: proof of fraudulent activity, malicious intent, and evidence of trademark/brand infringements.

It’s a good idea to provide as much supporting documentation as possible when making a request to have a website taken down. This can help to strengthen your case and increase the chances that your request will be granted.

Bolster’s AI can scan all corners of the internet for fraudulent uses of trademarks and brand assets on non-whitelisted sites. It can identify malicious intent using natural language processing (NLP). It can even capture the IP address, geo-location, registrant, and registration date. All this info is packaged neatly into a takedown request to the relevant hosting provider. Did we mention this can all be done without human intervention?

#11. Twas the night before a phishing attack… and you keep sleeping because you have automated takedowns.

I know, I know. We mentioned auto-takedowns already, but we can’t stress this enough. Speed from detection to takedown is critical when it comes to dealing with phishing and scam sites.

Automated takedowns work through the nights, weekends, and holidays, to ensure that fraudulent sites are never live for long.

#12. Eggnog tastes better when you’re not toiling in false positives. We like our eggnog with a false positive rate of 1 in 100,000.

False positives are common in security tools that are highly sensitive and have a low threshold for categorizing potential threats. These tools are more likely to trigger alerts for sites that don’t actually pose a real risk.

On the other hand, security tools that are less sensitive and have a higher threshold for detecting threats may have a lower rate of false positives, but may also be less effective at detecting and blocking real threats.

You need a tool that can find the right balance between sensitivity and false positives. Luckily, with Bolster you don’t need to sacrifice detection capabilities to avoid false positives. Bolster’s AI is highly accurate with a false positive rate of just 0.001%.

#13. Take down fraudulent social media accounts to prevent holiday scams.

Cybercriminals frequently use social media platforms as an avenue to spread their phishing campaigns.

They may post malicious links in comments or messages, impersonate trusted individuals to request sensitive information, or engage in more complicated social engineering attacks.

Detect instances of fraudulent activity on social media and take down fake accounts as an additional safeguard to prevent attacks and to stop the spread. See how Bolster can help.

#14. Prioritize unregistered domains based on the likelihood they will be used maliciously. You’ll save more money for gifts.

Did you know? A simple 6-letter domain can have as many as 12,000 typosquatting variants. Assuming the average cost of a domain is $10/year – that’s $120,000/year in potential costs if you want to proactively purchase them all.

+ The longer your domain name, the more typosquatting possibilities.

The good news is, you don’t need to own all typosquatting variants. Strategically prioritize and purchase the highest risk domains based on threat level and cost in our platform. Then use our AI to monitor the rest 24/7 for any potential malicious activity.
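To see why buying every variant does not scale (lessons #6 and #14), here is an added example, not Bolster's code, that enumerates single-edit typos of a domain for a defensive registration review and prices them at the $10/year used above. The typo classes, the short TLD list and the `acmeco` names are assumptions of this sketch; its counts depend on those choices and are not how the 12,000 figure was derived.

```python
import string

ALPHABET = string.ascii_lowercase + string.digits
TLDS = ["com", "net", "org", "co", "io"]  # constructed short list; extend as needed

def label_variants(label):
    """Single-edit typos of one DNS label, grouped by typo class."""
    n = len(label)
    classes = {
        "omission": {label[:i] + label[i + 1:] for i in range(n)},
        "transposition": {label[:i] + label[i + 1] + label[i] + label[i + 2:]
                          for i in range(n - 1)},
        "repetition": {label[:i] + label[i] + label[i:] for i in range(n)},
        "substitution": {label[:i] + c + label[i + 1:]
                         for i in range(n) for c in ALPHABET},
        "insertion": {label[:i] + c + label[i:]
                      for i in range(n + 1) for c in ALPHABET},
    }
    for members in classes.values():
        members.discard(label)  # an edit that reproduces the original is not a typo
        members.discard("")     # an empty label is not a valid name
    return classes

def domain_variants(domain, tlds=TLDS):
    """Lookalike domains for 'label.tld' (assumes one label plus a TLD)."""
    label, _, tld = domain.partition(".")
    labels = set().union(*label_variants(label).values())
    out = {f"{l}.{t}" for l in labels for t in tlds}
    out |= {f"{label}.{t}" for t in tlds if t != tld}  # same name, other TLD
    return out

def yearly_cost(domain, price_per_domain=10):
    """Cost of registering every enumerated variant for one year."""
    return len(domain_variants(domain)) * price_per_domain

if __name__ == "__main__":
    for name in ("acmeco.com", "acmecorp.com"):  # constructed example domains
        per_class = {k: len(v) for k, v in label_variants(name.split(".")[0]).items()}
        print(name, per_class, len(domain_variants(name)), f"${yearly_cost(name)}/year")
```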

Read how we’re saving one customer $484,300 over three years with this feature in our Forrester Total Economic Impact (TEI) Report.

#15. Add suspicious domains with MX servers to your company’s naughty list – and check it twice!

Evidence of a DNS MX record paired with an already suspicious typosquat domain should immediately raise red flags. Active MX records indicate the possibility that the domain may be used for phishing emails. Implement spam filters to block inbound emails coming from that domain. Continuously monitor the site for additional signs of suspicious activity.
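One way to run this check over a watchlist of lookalike domains, as an added example that is not from the original post: parse dig-style answer lines, treat a null MX (`0 .`, RFC 7505) as "accepts no mail", and return the suspicious domains with an active MX as candidates for an inbound sender block. The domains and DNS answers are constructed sample data.

```python
from collections import defaultdict

# Constructed sample answers in "name TTL class type rdata" form.
SAMPLE_ANSWERS = """\
examp1e.com.   300 IN MX 10 mail.examp1e.com.
examp1e.com.   300 IN MX 20 alt.examp1e.com.
exarnple.com.  300 IN MX 0 .
exampel.com.   300 IN A  203.0.113.7
"""
SUSPICIOUS = ["examp1e.com", "exarnple.com", "exampel.com"]  # constructed watchlist

def parse_mx(answers):
    """Map each owner name to its list of (preference, exchange) MX pairs."""
    mx = defaultdict(list)
    for line in answers.splitlines():
        f = line.split()
        if len(f) >= 6 and f[2].upper() == "IN" and f[3].upper() == "MX":
            owner = f[0].rstrip(".").lower()
            mx[owner].append((int(f[4]), f[5].lower()))
    return mx

def mail_enabled(records):
    """True if any MX names a real exchange; '.' is the RFC 7505 null MX."""
    return any(exchange != "." for _, exchange in records)

def triage(suspicious, answers):
    """Suspicious domains with an active MX: candidates for an inbound block."""
    mx = parse_mx(answers)
    return sorted(d for d in suspicious if mail_enabled(mx.get(d.lower(), [])))

if __name__ == "__main__":
    print(triage(SUSPICIOUS, SAMPLE_ANSWERS))
```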

#16. Just like Santa’s reindeer, it takes a whole team working together to keep things in check.

Make sure ALL company employees are aware of cybersecurity best practices. It takes only one employee to fall for a phishing link for sensitive company information to be breached.

#17. Educate your customers on how to spot Grinches impersonating your brand.

Ensure that company contact information is consistent and present across your site and socials. Customers should know to only click on links sent from official communication channels.

#18. Beware of suspicious holiday e-mails in your inbox.

Cybercriminals can get creative this time of year. Phishing emails can come in the form of holiday e-cards, emails asking for charitable donations, “HR” asking employees to update insurance information before year-end, and more. Always verify the identity of the sender, and check links in a sandbox environment like checkphish.ai (a free community tool by Bolster).

#19. It’s okay to be a Scrooge at times. Criminals love to prey on nice people using social engineering tactics.

Criminals like to prey on the good nature of people to get them to fall for scams. They rely on common human behaviors like: wanting to please a boss, be helpful to coworkers, stay out of trouble, and more. Don’t be afraid to simply refuse any suspicious asks for personal or sensitive information.

#20. There’s snow place like Telegram for spreading breached credentials.

Telegram is a breeding ground for cybercriminal activity because of its intense privacy features. It’s usually the first place criminals go to discuss and hatch their evil scams. Bolster is the only security vendor that is able to monitor Telegram for early signs of data breaches. Learn more in our blog on Telegram.

#21. Keep your social media presence in peppermint condition.

Cybercriminals glean information about their targets through social media. There, they can learn personal details about the person they’re trying to imitate, or the person that they’re trying to deceive, to make any communications seem more legit. Keep your social media free of information that shouldn’t be public!

#22. Get fake and suspicious mobile apps “the elf” out of your phone.

Fraudsters can create fake, malware-laced apps, and post them on major app stores. If an app has no reviews, or doesn’t look like it was created by an official source, don’t risk downloading it.

If your organization is experiencing the problem of fake apps impersonating your brand, learn more about our App Store Monitoring Solution.

#23. Elfish fraudsters look to glean profits with Fake Google Ads.

Many consumers don’t realize that ads on Google can be fraudulent. Fraudsters have been caught impersonating well-known brands on Google Ads, then directing users to a lookalike domain. Learn more about how it works in our blog post.

If you made it to the end of this list, you’re already on the right track. Keep coming back to bolster.ai/blog. We post about the latest in cybersecurity so that you can have information on how to keep your company, employees, and customers safe.

About Bolster:

At Bolster, our mission is to make the internet safe for everyone. That’s why we created the first and only fully automated platform purpose-built from the ground up to detect, monitor, and take down fraudsters on the Internet. We call it Automated Digital Risk Protection. Our comprehensive platform offers the most efficient protection across web, social media, app stores, and the dark web to combat fake phishing sites and content.
