SIDECHAIN INSIGHTS
The Sidechain team wishes all its customer’s and their families a very Happy Thanksgiving! As we approach Black Friday and Cyber Monday, now is the time to be more vigilant than ever. November and December are the biggest months for cyber attacks with the increase in online shopping and financial activity, creating more phishing opportunities. Stay safe and be on the lookout!
QUICK TAKE
- In November 2025, significant cyberattacks have targeted various sectors globally, with notable incidents affecting government agencies, universities, and private companies. Concerns have also been raised about the increasing use of Artificial Intelligence (AI) in orchestrating cyber campaigns. Major incidents include: Princeton University (donor and alumni information), NY State Texting Service, US Congressional Budget Office, Jaguar Land Rover (the costliest cyberattack in UK history).
- November 30 is National Computer Security Day and highlights the importance of everyone proactively protecting their online security whether it’s in your business or personal life. Read more to learn about the history of this day and the notorious “Morris Worm”. The article also includes a list of ways to observe the day from passwords to encryption!
QUIZ
ILet’s see how ready you are for Black Friday and Cyber Monday attacks! The first five people to send their correct answers to us here, will receive Sidechain swag!
1. Which Thanksgiving-related scam becomes more common during holiday travel?
A. Fake airport Wi-Fi networks
B. Phishing emails about leftover turkey recipes
C. Ads for discounted carving knives
D. Calendar invites for fake family dinners
2. You receive an email offering a “FREE $100 Thanksgiving Grocery Card from Safeway.” What’s the biggest red flag?
A. The email is in all caps
B. The sender’s address is a random Gmail account
C. The photo of a turkey looks low-quality
D. The subject line mentions “holiday gratitude”
3. Which tactic do scammers often use in fake Thanksgiving charity campaigns?
A. Asking only for non-perishable food items
B. Urging “donate now before midnight!” to manufacture urgency
C. Offering free cooking lessons
D. Asking for leftover mashed potatoes
4. You’re shopping online during Black Friday and a website offers a 90% discount on a popular air fryer. What’s the safest next step?
A. Buy it before the deal disappears
B. Screenshot the deal for friends
C. Check if the URL is secure and research the retailer’s legitimacy
D. Click all the pop-up offers for bonus coupons
5. What’s a common sign of a Thanksgiving-themed smishing (SMS phishing) attack?
A. A family group chat asking what time dinner starts
B. A text from your bank warning of “holiday spending verification” with a suspicious link
C. A text from your cousin asking for your pie recipe
D. A local grocery store promoting cranberry sales
Keep scrolling to see if you got it right!
INDUSTRY TRENDS & NEWS
- By 2030, more than 40% of global organizations will suffer security and compliance incidents due to the use of unauthorized AI tools, Gartner has predicted. The analyst said a survey of cybersecurity leaders earlier this year revealed that 69% have evidence or suspect that employees are using public generative AI (GenAI) at work. It warned that such tools can increase the risk of IP loss, data exposure and other security and compliance issues. These should be well understood by now. Does your organization have clear standards for reviewing and documenting AI-generated assets and tracking debt metrics in IT dashboards? Click to read more about Shadow AI
- Many were affected by the CloudFlare outage on November 18th. In good news, it was not the result of a cyberattack. In bad news, major online services such as ChatGPT, X and Shopify were disrupted as well as transit and city services. It turned out to be a latent bug in a service underpinning their bot mitigation capability which started to crash after a routine configuration change was made. Read about the detailshere.
SIDECHAIN BLOG
Still unclear on what an HSM is? We wrote a blog that outlines why and when you need one. Reach out with any further questions!
HSMs Demystified: What are they, when you need one, and why they matter A Hardware Security Module (HSM) is a tamper-resistant vault that creates, stores, and uses cryptographic keys without letting them escape. You typically pair it with a KMS so developers use simple APIs while keys live behind hardware controls. Choose an HSM when the assurance bar is high(compliance, crown-jewel keys, or supply-chain trust), and run it with day-2 discipline: quorum approvals, secure backups, health checks, and evidence.
DID YOU KNOW?
The answers to the quiz are:
- A
- B
- B
- C
- B
Remember the first 5 correct responses will win Sidechain swag!
🦃 Thanksgiving Cybersecurity Facts – Now is the time to stay alert!
- “Turkey Drop” scams spike around Thanksgiving weekend.
Attackers know people travel, and they use fake flight-change emails (“Your holiday flight has been canceled!”) to steal credentials. - Black Friday/Cyber Monday is the #1 weekend for malicious shopping sites. More than 1 in 5 new domain registrations during Thanksgiving week are linked to phishing, card skimming, or fake stores.
- Public airport Wi-Fi during Thanksgiving travel is a hotspot for man-in-the-middle attacks. Cybercriminals set up fake networks called things like “Free Airport Guest WiFi” to intercept passwords, banking logins, and emails.
- Gift card scams increase nearly 30% during the Thanksgiving/holiday season. Attackers impersonate bosses, relatives, or charities asking people to buy gift cards — one of the most successful fraud types each year.
- Thanksgiving charity scams often spoof real nonprofits. Cybercriminals create fake donation pages (sometimes copying the branding perfectly) to exploit holiday generosity.
- Holiday phishing emails use seasonal excitement as bait. Subject lines like “Your Thanksgiving Delivery Failed” or “Your Holiday Reward Is Ready” have higher click-through rates than generic spam.
- Fake recipe websites are a thing.
Scammers register domains like “thanksgiving-recipes-free[dot]com” to hide malware downloads behind “Click to view recipe.” - Online shoppers are 70% more likely to fall for fake tracking numbers during holiday shipping surges. Attackers send package notifications mimicking UPS, FedEx, and USPS, hoping people click without thinking
- Turkey spam isn’t just in your inbox. Botnets increase activity during holiday sales as cybercriminals try to infect new devices with malicious browser extensions and coupon “helpers.”
- Family gatherings often increase cybersecurity incidents. People use shared home devices, unsecured guest Wi-Fi, and outdated laptops — all of which broaden the attack surface.
