Nonprofit Cybersecurity for the Holidays with Matthew Eshleman episode artwork

EPISODE · Dec 12, 2025 · 20 MIN

Nonprofit Cybersecurity for the Holidays with Matthew Eshleman

from Community IT Innovators Nonprofit Technology Topics · host Community IT Innovators

What scams are circulating and how can you protect yourself and your organization?Nonprofit Cybersecurity expert and Community IT CTO Matt Eshleman runs through common scams and new tactics that we are seeing at nonprofits and simple steps you and your staff can take at this time of year to be better protected.Takeaways on Nonprofit Cybersecurity for the HolidaysCommon scams“Your package couldn’t be delivered” … this email tries to get you to click on a link or respond in some way, using social engineering/helpfulness/urgency to trick you into helping a colleague or sorting out a problem with a package. “The Executive Director needs to purchase holiday gift cards for staff” … a variation on the “gift card” scam oriented towards the end of the year, holiday parties, gifts for donors or volunteers.Pop-up “your computer has been compromised, call this number” scam … often the pop-up can’t be closed (you should shut down and log back in, and alert someone on your actual IT help desk team.) New ScamsSpam bombs… followed by a helpful call from “the IT help desk” ... this scam will inundate your inbox with hundreds to thousands of spam email an hour. This scam tries to get the victim anxious at the spam attack and relieved when “the help desk” notices an increase in spam and reaches out to help. AI deep fake voice and video scams… growing in presence as the tools to create deepfakes become more available and affordable. Protections Against Holiday ScamsStay suspicious, particularly at the end of the day before a holiday break and the week before that break. Be particularly suspicious of in-bound calls and new contact information at any time of year, but particularly around the holidays. Do not give your log in credentials or other information to someone who called or texted you, claiming to be from IT or your bank. Review your incident response plan, particularly your phone tree, before the holidays. Make sure you know who to call to report a suspicion or problem, and make sure that your point of contact has a substitute for when they are out of the office for the holidays. Who is “on call”? Have strong cybersecurity already in place. Strong passwords, MFA requirements, physical MFA keys for staff who are particularly targeted like your Executive Director and CFO, staff training on the importance of cybersecurity to protect your organization – maybe even a quick training on holiday scams to watch out for … taking proactive steps will give you peace of mind during your holidays.Do not be tricked into using a work-around. Always use your established procedures. Do report something, using your incident response plan. If you did click on something suspicious at 5pm on a Friday, use your response plan to report it immediately to the person on call for your cybersecurity. Community IT seeks to provide trusted advice and guidelines for nonprofit cybersecurity safety around the holidays. If you have questions on cybersecurity assessments, staff training, incident response plans, or other cybersecurity topics, reach out and schedule a conversation or assessment with Matt. _______________________________Start a conversation :)Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/email Carolyn at [email protected] LinkedIn on reddit/r/nonprofitITmanagementon the Community IT websiteThanks for listening. 

What scams are circulating and how can you protect yourself and your organization? Nonprofit Cybersecurity expert and Community IT CTO Matt Eshleman runs through common scams and new tactics that we are seeing at nonprofits and simple steps you and your staff can take at this time of year to be better protected. Takeaways on Nonprofit Cybersecurity for the Holidays Common scams “Your package couldn’t be delivered” … this email tries to get you to click on a link or respond in some way, using ...

NOW PLAYING

Nonprofit Cybersecurity for the Holidays with Matthew Eshleman

0:00 20:08

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Community IT Innovators Nonprofit Technology Topics?

This episode is 20 minutes long.

When was this Community IT Innovators Nonprofit Technology Topics episode published?

This episode was published on December 12, 2025.

What is this episode about?

What scams are circulating and how can you protect yourself and your organization?Nonprofit Cybersecurity expert and Community IT CTO Matt Eshleman runs through common scams and new tactics that we are seeing at nonprofits and simple steps you and...

Is there a transcript available for this episode?

Yes, a full transcript is available for this episode. You can read the complete transcript on the episode page.

Can I download this Community IT Innovators Nonprofit Technology Topics episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!