Black Friday beware: Cyber experts warn about malicious malware at work

Last year, 40 per cent shopped from their desks at work on Black Friday

Cyber security experts, T-Systems, has issued a warning that the millions of employees who will shop online at work for Black Friday deals will put their companies at risk of malicious malware and hacking.

“This week we should all expect an influx of hoax emails amongst the many legitimate Black Friday deals. Many will contain malicious code or phishing scams in an attempt to use Black Friday as a cover to persuade people to open unsolicited emails”, explains Scott Cairns, Head of the UK Cyber Security Practice at T-Systems.”

“Businesses tell their employees not to use their office PCs for personal use, but many will ignore this because they don’t realise the seriousness of the risk from opening such emails,” Cairns added.

Last year research by Beaming found that over 40 per cent of people shop from their desks at work on Black Friday. The risks from employees being unaware of the threats from lax personal email security, are highlighted in new research by T-Systems into the cyber security practices of over 2000 UK employees, at a range of organisations (Click here for full details). Its findings included:

Over a third don’t know that their Desktop computer can easily be infected with a virus from an email
– This stat is particularly concerning to employers, especially this week as their employees’ inboxes fill with malware infested Black Friday emails

Steps employers can take to reduce the risk are:

• Warn employees of the different types of cyber threats and highlight the severity of a potential cyber breach
• Provide examples of what possible malware-infected emails look like so that employees learn how to spot a potential threat
• The T-Systems report revealed that only a third of employees have had cyber security training in the past year (34%) and nearly 30% never at all
• Cyber security training should be made compulsory for all new starters and all employees should have annual cyber security refreshers to combat the evolving nature of cyber threats
• Cyber security protocols need to be followed throughout the company, training and refreshers should not be exclusive for new or junior employees but all the way up to C-Suite executives.