As the holiday season approaches, online shopping, and the general good will of people desiring to help others is expected to give rise to increased cyber security threats. Unfortunately, there are hackers and scam artists all over the world just waiting to take advantage of your increased online activity and benevolence.
Here are some of the ways we have seen this happen and expect it to happen even more this year.
1. Unsolicited shipping notifications that may actually be scams by attackers to solicit personal information (phishing scams)
You’ve probably seen these messages before, indicating that your package delivery has been delayed and that you need to take some action to claim it… and you probably haven’t given them much thought. This time of year however, when you may actually have several Christmas gifts, holiday decorations, or other items on the way, it will be more tempting than ever to fall for this one. These types of phishing attempts count on a percentage of people who are actually waiting on something to arrive, and this time of year, those percentages increase dramatically.
2. Electronic greeting cards that may contain malicious software (malware)
Don’t recognize the sender… well it may not be a greeting that you want.
3. Requests for charitable contributions that may be phishing scams or solicitations from sources that are not real charities
We recommend that you never, ever give to a charity that utilizes unsolicited email as a means of raising funds. If you signed up with them at some point, then that may be OK, but if you haven’t heard of them and don’t know how they got your email address… just click delete. This applies to unsolicited phone calls as well… even if you have heard of them. If you really want to give, hang up, look up the charity’s number online, and call them back at their published number. NEVER give out your CC number over the phone, unless you initiated the call.
4. False advertisements for holiday accommodations or timeshares
Just another scam that plays on our desire to “get away from it all”. If you need a vacation, do your own research and make the calls yourself.
Suggested preventive measures to protect against phishing scams and malware campaigns include:
1. Not clicking web links in un-trusted email messages.
Even if the message looks legit, mouse over the link and verify the address is going to take you to the expected domain, before clicking on it.
2. Using caution when opening email attachments. Check out the Using Caution with Email Attachments Tip for more information on safely handling email attachments.
https://www.us-cert.gov/ncas/tips/ST04-010
3. Review the Federal Trade Commission’s page on Charity Scams. Use the links there to verify a charity’s authenticity before you donate.
https://www.consumer.ftc.gov/features/feature-0011-charity-scams
4. Read the Avoiding Social Engineering and Phishing Attacks Tip.
https://www.us-cert.gov/ncas/tips/ST04-014
5. Refer to the Holiday Traveling with Personal Internet-Enabled Devices Tip for more information on protecting personal mobile devices.
https://www.us-cert.gov/ncas/tips/ST11-001
As always, if you think your data or systems may have been comprimised, call us immediately at: 859-200-0428, or email us at support@istam.net.
