The National Retail Federation (NRF) has predicted nearly 127 million online holiday shoppers will make Cyber Monday purchases this year, but recent data from cybersecurity software provider Tripwire indicated that some holiday shoppers could put their respective employers in danger by shopping online.

The Tripwire consumer survey conducted by OnePoll and Dimensional Research on online holiday shopping security practices revealed 24 percent of consumers said they plan to do at least a part of their online holiday shopping at work, which could put their respective employers at risk.

"Cybercriminals are very resourceful, and they know that the siren song of a good deal is almost always irresistible to bargain hunters," Tripwire Chief Technology Officer Dwayne Melancon said in a prepared statement. "The number one reason to click is trust in a brand, which isn't good."

The following are some of the other numbers from the survey:

  • 40 percent of respondents said they believe emails from "trusted brands" are safe to click
  • 28 percent said they believe it is never safe to click on email shopping links
  • 26 percent said they believe newsletter and subscription email links are safe to click
  • 23 percent said they believe links sent from trusted associates are safe to click

Tripwire noted survey researchers evaluated the online cybersecurity awareness of 2,011 consumers from the United States and the UK.

How to teach employees about Cyber Monday safety

Managed service providers (MSPs) looking to protect customer data, should help educate employees about online shopping security threats.

Ken Westin, a Tripwire security analyst, told MSPmentor that education is key and pointed out that employees who understand the impact of cyber threats can take the necessary steps to secure sensitive data.

"Savvy attackers know that malicious links are effective, [and] that's one reason phishing attacks are so pervasive around the holidays," Westin added.

Westin also pointed out that employees should be particularly careful when checking personal email at work or when clicking links in ads on social media websites.

"Employees need to be aware that anytime their computer is on their corporate network, even if they logged in through a VPN, they can put their organization at risk by simply visiting the wrong website or clicking the wrong link in an email," he said.

Share your thoughts about this story in the Comments section below, via Twitter @dkobialka or email me at