top of page

Holiday Scams and Phishing Attacks

While most people take the holidays to relax and recover from a long year, hackers see this time of year as an opportunity to catch you with your guard down. Each holiday season there are dozens of new cyber scams and schemes that could compromise your business or you, personally. This holiday season, use these simple safe cyber practices to ensure your time is spent with family and friends and not recovering from a breach.

Currently, the majority of breaches (more than 90% according to Mimecast) are the result of phishing. Phishing is when bad actors send disguised emails in hopes you will enter personal information such as your username and password. So far this holiday season, we have seen increased activity with a variety of different schemes. Here are the most common this season:

- Emails/texts asking for information from you

- Emails/texts with fake invoices asking for payment

- Emails/texts requesting updated information for shipping delays, failed payments

- Password “reset” or password strength emails. Often these can appear to come from

your own IT department

- Emails asking for donations to a charity

- Emails/texts requests to purchase gift cards

Another way bad actors can compromise you personally or your business is by getting their victims to click on links that contain malicious content such as malware or ransomware. Some common methods of getting clicks include:

- Fake shipping information

- Links to deals that do not exist

- Fictitious customer surveys after you purchase a product - Fake websites, social media accounts selling products

As you can see there are many different ways criminals attempt to compromise your business or personal life, but if you follow these 5 simple common practices you can defend yourself.

1. Avoid clicking links in unsolicited emails

2. Check the address that the email is sent from as well as to whom it is addressed

3. Verify authenticity of charities

4. Set up two factor authentication when available

5. Do not perform financial transactions without some form of verbal confirmation


bottom of page