Holiday hackers gearing up for the season


Thought Leadership

Holiday hackers gearing up for the season

Teresa Zwierzchowski

Tis the season! As we approach the holiday season and begin our annual shopping for gifts, let’s remember that hackers are also shopping… but they are looking for your credentials, your data and/or access to your bank accounts.

pandora-1AppRiver security specialists have already started to see emails aiming to catch online shoppers off their guard. Including this one that spoofs a popular jewelry brand.

The email contains an advertisement for a coupon to use on Pandora Jewelry. However, just taking a quick glimpse at the sender’s email should be a first clue that this email is not legitimate (Pandora outlets:

And while everyone is seemingly jolly, there are a few Cybergrinches looking to steal your holiday cheer.

Don’t let the Cyberscrooges take away your holiday joy! Beware of these popular scams during the holiday season tips to keep yourself (and your company’s network) safe while shopping this holiday season.

Fake charities: Cybercriminals are not above taking advantage of people’s giving nature during the holiday season – or any time of the year. Do your research before giving money to charities. Sites such as Charity Navigator, CharityWatch or GuideStar are good places to help you determine which charities you can trust are on the nice list.

Holiday eCards: The downloadable eCards often bring warm tidings (and the gift of malware and malicious links). Unless you know the sender and it is addressed directly to you, go ahead and delete any of these that pop up in your inbox.

Gift cards: You know that “too good to be true” gift card deal you found on that online auction site? It was more than likely too good to be true. Gift cards purchased from online auction sites are likely counterfeit, were purchased in a fraudulent manner, were previously used and/or may not contain the amount you were promised. If you must buy a gift card online, it is recommended to go directly to the business you are buying from (straight from the reindeer’s mouth, so to speak).

Fake delivery / invoice emails: During the holiday season, spammers and malware distributors ramp up production of fake emails that appear as legitimate messages from UPS, FedEx, Amazon, PayPal, etc. This is the time of year many are shipping packages to loved ones around the globe or shopping for that perfect set of pots for Aunt Polly, so many are expecting emails to confirm shipping or invoicing. However, malicious actors have gotten really good at crafting messages that look like the real thing – yet their emails contain malicious links or payloads designed to infect your machine. That glow you’re imagining isn’t chestnuts on an open fire but could be your computer working overtime to do something naughty. Exercise caution.

Letters from Santa – Wanting to send your child a reminder to remember Santa is watching? Just make sure you do your research. There are many companies out there catering to this, but many are fake and just looking to gain your personal information. Best check with the Better Business Bureau to confirm these companies exist. Remember – Santa doesn’t work with Cybercriminelves!