Issue No. 100December 2020
Holiday Technology Scams to Avoid
With the Holiday Season upon us, we decided to make this month’s article around safer holiday shopping. Sending happy holiday wishes to you and yours.
Some Phishing Attacks, Online Tricks & Holiday Scams to Avoid
Consumers are busy scouring the internet for the best deals whenever they get a few minutes at work, whether in the office or remote. But this presents risk to both employees and businesses. Review these six attacks and scams to be on the look for this holiday season.
Spoofed Websites: It is estimated that 46,0000 new phishing sites are created every day, many of which are propagated through email. According to the Anti-Phishing Work Group (APWG), about 35 percent of phishing attacks were hosted on websites that had HTTPS and SSL certificates, so looking for the lock icon is not enough anymore. Cybercriminals are getting savvier, hijacking the look and feel of popular brands and using spoofed domains with hard-to-catch spelling variations to steal information.
Phishing Emails: It’s the holiday season, so employees are in festive moods dreaming about vacation or distracted with online shopping. With the increase in the volume of phishing emails, it is easy to let the guard down and click on well-crafted phishing emails while trying to finish work before the holidays. Businesses should ensure they have a secure email solution implemented to mitigate email-based attacks.
Gift Card Scams: Most major retailers offer gift cards that can be purchased electronically. This is truly a gift for cybercriminals to lure victims into clicking on an email offering a free gift card from a major brand or, in the case of a targeted phishing attempt, the gift card may appear to be sent from someone familiar, like a friend or co-worker.
Shipping Invoices: This type of phishing email seemingly comes from a popular shipping service, such as FedEx, UPS or the USPS. Cybercriminals use the shopping season opportunistically to send email with phishing links under the guise of tracking a package or downloading a shipping label. Similar shipping phishing emails can come from major retailers like Amazon or Walmart.
Illegitimate Apps: Shoppers are taking to mobile apps to shop and the cybercriminals are taking notice. Lookalike apps and rogue apps crowd popular app stores and, once downloaded, prompt for credit card information, social media login credentials or permission to access data on your phone.
Letters from Santa: Scammers send bogus emails promising to send your child a letter from Santa for a fee. Beware of clicking on such emails and providing payment information. Many, unfortunately, are scams that prey on unsuspecting parents.