The holidays don’t only bring seasonal decorations and office festivities, they also bring targeted phishing emails designed to hide among the types of messages that increase in volume during the holidays.
This year’s holiday phishing season is going to be especially bad because it’s coming on the tail end of a year that’s already seen skyrocketing phishing attacks due to the pandemic.
During just the first quarter of 2020, phishing was reported to be up by 350%.
Without proper protections in place, such as cybersecurity programs like Quantum Care and ongoing employee cybersecurity awareness training, businesses can end up suffering major downtime and losses due to ransomware, breaches, and other types of attacks.
Seasonal phishing scams are a threat that can impact device security, data security, and network security. One of the best ways you can combat them is through employee awareness training.
Learn to Spot These Holiday Season Phishing Scams
Employees armed with the knowledge of what to look out for in their inboxes can be much more effective at avoiding a phishing-related security incident.
Company Holiday Event Surveys
Employees may jump at the chance of giving their opinion on a holiday event survey for work, and this may be such a welcome distraction from their day-to-day, that they open the survey attachment without thinking first.
This is one of the common holiday email scams and can end up infecting a network with malware as soon as a malicious attachment is opened.
It’s best to always check with the appropriate colleague first, before opening emails like this.
Did I Order That? (Fake Order Email)
The fake order email is another phishing scam that ramps up around the holidays. Since people are generally shopping online during this time, they’re more likely to think a strange order from “Amazon” is some kind of mix up and they click the site link in the email to sort it out.
But these types of phishing emails can often take the user to a sign-in page that looks like Amazon’s site but is designed to steal their login credentials.
Hovering over links in an email, both text and image links, is a good way to reveal a fake.
Donation Phishing Scams
People are generally in a giving mood during the holidays and it’s a time when legitimate charities ramp up their marketing outreach. This is also a time when fake donation phishing scams run rampant.
It’s a good idea to never donate through a link in an email. Instead, visit a charity website directly, and if it’s one you’re unfamiliar with check them out on a site like Give.org to ensure they’re legitimate.
Fake Holiday Schedules from Vendors
Companies often send out holiday schedules to customers this time of year, so they’ll know when the company will be closed during the season.
Because scammers know that users will expect these, they use this fact to create fake phishing attacks purporting to be a holiday schedule.
It’s a good idea to check directly with a vendor to get their holiday hours rather than taking a risk by opening an email file attachment.
Bogus Shipment Tracking
Tracking emails come in from holiday shopping activities throughout the holiday season. But not all of those may be legitimate, because phishing scammers send bogus shipment tracking notices with malicious links.
These emails often look exactly like those from UPS, USPS, and FedEx and can be difficult for users to spot in the middle of a busy day.
The best way to avoid falling victim to a fake tracking email is to always check tracking directly on the website of the retailer or shipper, and not through an email link.
Fake Black Friday Sales & Deals
Sale emails from retailers for Black Friday and Cyber Monday often fill up inboxes this time of year. Phishing scammers will spoof these ads to lure someone into clicking on what they think is a great deal but is actually a link to a malicious site.
Users can use the tactic of hovering over links to see if they go to a legitimate retailer site, and also stay safe by going to the site directly to see a sale, instead of clicking an email link.
Santa Letter Phishing
It’s a shame, but even Santa isn’t safe from being spoofed in a phishing attack. Another popular phishing scam is an email advertising a personalized letter from Santa for a child offered at a low price.
A parent wanting to make the holiday magical might click without thinking and enter their address and payment information into the form. This type of scam is designed to steal payment card details and can even be used for more nefarious purposes because the scammer will have a child’s name and address.
Keep Your Business Network Secure with Quantum Care
Quantum PC Services offers Quantum Care to Sturgeon Bay area businesses. This services package includes excellent cybersecurity protections to keep your network safe from phishing and other online threats.
Contact us today to learn more! Call 920-256-1214 or reach us online.