Holiday Season Cybersecurity Scams and How to Avoid Them

Holiday Season Cybersecurity Scam Awareness

The holiday season has arrived, and in this period, cybercriminals intensify their operations in order to monetize shoppers’ exposure to online fraud and scams.

The Department of Homeland Security (DHS) recently issued a security alert to warn U.S. consumers about malicious campaigns and scams that are common during the holiday season.

“As this holiday season approaches, the Cybersecurity and Infrastructure Security Agency (CISA) encourages users to be aware of potential holiday scams and malicious cyber campaigns, particularly when browsing or shopping online,” reads the alert published by the CISA agency.

“Cyber actors may send emails and ecards containing malicious links or attachments infected with malware or may send spoofed emails requesting support for fraudulent charities or causes.”

Europol has also issued a warning about holiday-themed fraud, focused on ticket scams.

In this period of the year, it’s quite easy to fall victim to criminals that take advantage of the holiday season by using themed scams in online advertisements, phishing emails, misleading sales calls and text messages. 

In many cases, scammers use holiday-themed phishing messages while pretending to be from popular brands or online stores like Amazon. Scammers may send victims fake order confirmations via email with malicious attachments or share links to phishing messages that promise special discounts to users that provide their personal data via a specially designed online form.

Law enforcement agencies and security firms recommend that consumers be cautious while shopping online during the holiday season. Fraudsters can attack them by intercepting insecure transactions, targeting unpatched systems, creating cloned sites and using scam email messages to harvest their financial and personal info.

Which are the most common holiday scams?

The types of holiday scams are only limited by the criminal’s imagination. However, some fraud patterns are well known, and (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Pierluigi Paganini. Read the original post at: