As we prepare for the big and busy holiday season, our focus tends to turn
towards the great sales out there — ideally to finish our gift lists on time. Naturally and unfortunately, scheming cybercriminals are making their own lists. All those special discount days like Black Friday or Cyber Monday create the perfect opening for cybercriminals to launch phishing campaigns. In 2020, phishing watchdogs saw a 100% increase in phishing emails related to those specific days. Perhaps it’s a good time to stay alert — not just for deals, but also for the phishmongers’ despicable discounts.
Sales phishing ramps up during the months leading up to the holiday season. Cybercriminals send emails with “great deals” or “last-minute deals” or even information about an order you allegedly placed that requires your urgent attention. This type of phishing is designed to get you to buy something nonexistent from a fake site or provide information to enable identity theft or credit card fraud.
Malvertising is when cybercriminals include malicious coding within what looks like legitimate advertising. But it actually provides a way for the cybercriminal to inject your computer or phone with malware. From there, they can easily steal your personal data or even hack deeply into your workplace’s IT infrastructure.
Pop-up phishing is a pop-up browser window that appears while online, which is another phisher favorite. The pop-up is often disguised as a legitimate service, such s a mobile phone company or a popular fashion brand -and promises large windfall or endless rewards….if you register using personally identifiable information. The scammer then uses that information for identity theft, or to log in to your other online accounts. Always close these annoying pop-ups properly by clicking the “X” in the corner, closing the open window tab, or by shutting the browser down completely.
How to protect yourself from the phishmongers:
- Never register online with your professional email address for personal items such as gifts or groceries. This minimizes any chances of your workplace being compromised by malicious spam emails. Not to mention, it greatly reduces the number of emailed distractions flooding your inbox.
- Think twice before clicking on an advertisement or a pop-up – they could be phishing for your information.
- Do not share personal information with untrustworthy sources. Always verify their legitimacy before signing up for anything. Using a search engine to establish a website’s authenticity, or if it’s a known scam, is always a good idea.
- Urgency within the message is almost always a sign of phishing. e extra careful when receiving offers that demand immediate action. Resists all your urges to act on what could be fraudulent offers.