Protecting the SMB from Holiday Cyber Attacks

The holidays aren’t just a great time for shopping and deals; the season creates the perfect opportunity for cybercriminals to launch unsuspecting attacks. The Cybersecurity and Infrastructure Security Agency (CISA) just issued a warning about those threats earlier this month. With everyone on the hunt for Black Friday and Cyber Monday deals (which are just the beginning), it is no wonder that cybercriminals take advantage of this season.

From cloned websites, fake charities, and mock order confirmations, you can bet organized attackers will be pulling out all the stops to fool as many unsuspecting people as possible. Every MSP should be warning their clients to be on the lookout for these types of scams and phishing attacks. The SMB is a prime target.

Don’t think your customers are at risk? Think again. While MSPs typically manage corporate accounts, you have to assume some of your clients’ employees use their work email for personal use or open attachments received through Google or Yahoo on company-owned computers. No matter what policies are in place, assume the worst, and you won’t be disappointed.

Protect your clients with a layered security approach, implementing a variety of software and assorted precautions to lock down the environment. Ensure that employees understand what to look for and keep them apprised of the latest scams, especially during the busy holiday season, when good deals look too good to be true (even if it does look like a legitimate Amazon or Macy’s link).

Enhance Email Security Protection

The most obvious way to protect your client’s staff from potential threats is through data protection measures like email filtering. MSPs can help their SMB clients stop spam, viruses, and malware with a comprehensive filter and spam blocker. Any message containing harmful or policy-violating content is held for review and can be released if deemed safe.

Of course, detecting and quarantining content is not enough to keep hackers at bay. You should also ensure your clients implement outbound filtering so sensitive information (i.e., financial data, proprietary secrets, employee info) is not accidentally or intentionally sent out via email.

Without these first lines of defense, anything and everything could enter and leave your clients’ workplace over the internet. Cybercriminals are constantly looking for new and better ways to circumvent protection measures, so your team must stay vigilant in monitoring and stopping potential threats.

Conduct Ongoing Training

One of the best ways to ensure employees don’t click on a link or accidentally download malware is through education. They cannot protect themselves from what they don’t know or don’t understand. While staff members should receive regular phishing training throughout the year, it is very important to change up the messaging during the holidays as phishers will be doing the same.

One effective policy is to avoid clicking on all links. Accessing a fantastic Amazon or Walmart deal through a hyperlink in an incoming email message is just asking for trouble. Companies (or the MSPs who provide this support) should suggest that users log in to their accounts directly to take advantage of promotions. It doesn’t take any longer and ensures they avoid malware-infected links.

Another popular scam involves charitable donations — since giving to these nonprofits is especially common this time of year. Make sure your clients understand that cybercriminals often take advantage of the giving season and know what to look for in phishing emails. Again, they can always send in a check or donate directly to most organizations using secure payment portals.

No one particularly enjoys training sessions. However, MSPs can make it more palatable by changing up the approach. For example, gamification may generate more interest and help staff members improve their security IQ.

Boost profits and recurring revenue

With an increase in threats comes an increase in potential sales. If your clients are aware of the security risks associated with the holiday season, it will be easier to upsell them on additional email security and training programs.

Phishing, ransomware, malware, and other incidents last year-round and give your MSP that added recurring revenue. The holiday season scams help boost the urgency with your clients and raise awareness of the issues they should be addressing 365 days a year.

Are you ready to get started providing the perfect suite of products to protect the most valued communications platform (email) for you and your clients? Partner with Mailprotector and take advantage of intuitive features such as CloudFilter, SafeSend, XtraMail, SecureStore, and Bracket. Learn more about our partner program and all the great protection solutions you can offer at