Top 10 Email Phishing Attacks Deployed During the Holiday Season
As we head into the heart of the holiday season, cyber security experts are warning of growing threats to your online security. Technological advancements – while exciting and promising — have opened doors of opportunity for cyber predators to find new ways to cheat people and organizations out of confidential and sensitive information. In particular, attackers benefit from phishing attacks during the holiday season, as technology use peaks with increased online transactions.
Experts at the tech training firm INE warn it is paramount for business leaders to develop a cyber awareness culture within their companies, and boost security awareness among employees. “Above all, organizations must build a resilient cybersecurity posture by increasing security awareness among employees and strengthening the first line of defense,” says INE’s CEO Richard McLain. During the holiday season, there is a hike in the number of spam emails sent, and security awareness about some of the most common types of phishing emails can play a significant role in protecting critical information.
Top 10 Holiday Phishing Attacks
- Real Estate or Wire Transfer Scam: This phishing email resembles those from real estate agents or regarding a property’s closing date. Such emails contain information to transfer funds.
- Social Media Account Lockout: Alert emails may come from an unknown source alerting malicious activities on Facebook or Instagram and direct users to slick on a “More Information” link embedded within the email.
- Order or Delivery Confirmation: Even though the user may not have ordered anything, such emails contain fake order details and include a link to check the order’s status.
- Job Search or Recruitments: Such emails will have attachments or links to view job descriptions or resume formats and impersonate high authority professionals to look authentic.
- Financial Account Notifications: These emails pretend to be from banks or investment establishments and request users to log in to view monthly statements or perform some action using the link.
- Refunds or Prize Notifications: Usually in the form of notification for prize winners, some emails request user details for claiming their rewards.
- Donation Requests: Such phishing emails request funds to help the poor during festivities or to victims of natural calamities and are linked with the spammer’s bank account as the beneficiary.
- Legal Scares: These emails will force the users to pay immediately to avoid legal actions. However, the activities mentioned in the email will most likely be unknown to the users.
- Top Authority or Executive Committee Staff: The email contains a spoofed email address and impersonates authorized entities in an employee’s organization. It requests information regarding the organization.
- Trusted Party Scams: The sender acts as the victim’s acquaintance and requests them to open a malicious attachment or clicking on an infected URL in the email, which might be linked to a malicious website
The effects of phishing attacks can be devastating, and include loss of reputation, loss of intellectual property, regulatory fines and additional business costs. As the holiday season gets underway, attacks will be rampant. We would like to connect you with the Cyber Security experts at INE, to help your audience learn what to be aware of this season, and how to protect themselves.