Watch Out for These Top 10 Holiday Phishing Attacks

Tech training firm INE is out with its list of the top 10 holiday phishing attacks.

It’s the most plunder-ful time of the year, according to experts. Attackers benefit ​from phishing attacks during the holiday season, as technology use peaks with increased online transactions.

Experts warn business leaders to develop a cyber awareness culture within their companies. They should also boost security awareness among employees.

“Above all, organizations must build a resilient cybersecurity posture by increasing security awareness among employees and strengthening the first line of defense,” says INE’s CEO Richard McLain.

During the holiday season, there is a spike in the number of spam emails that bad actors send. Security awareness about some of the most common types of phishing emails can play a significant role in protecting critical information.

The effects of phishing attacks can be devastating. They include loss of reputation, loss of intellectual property, regulatory fines and additional business costs. As the holiday season continues, attacks will be rampant.

Scroll through the gallery below to find out what you should be on the lookout for.

Datapipe's Robb Allen

#1 - Real Estate or Wire Transfer Scam

This phishing email resembles those from real estate agents regarding a property’s closing date. They often contain information to transfer funds.
2 - Social Media Account Lockout

#2 - Social Media Account Lockout

Alert emails may come from an unknown source. They warn of malicious activities on social media such as Facebook or Instagram, then direct recipients to click on a “More Information” link embedded within the email.
3 - Order or Delivery Confirmation

#3 - Order or Delivery Confirmation

Even though the user may not have ordered anything, such emails contain fake order details and include a link to check the order’s status.

4 - Job Search or Recruitments

#4 - Job Search or Recruitments

Such emails will have attachments or links to view job descriptions or resume formats and impersonate professionals of high authority to look authentic.

5 - Financial Account Notifications

#5 - Financial Account Notifications

These emails pretend to be from banks or investment establishments. They request users log in to view monthly statements or perform some action using the link.

6 - Refunds or Prize Notifications

#6 - Refunds or Prize Notifications

Usually in the form of notification for prize winners, some emails request user details for claiming their rewards.
7 - Donation Requests

#7 - Donation Requests

Such phishing emails request funds to help the poor during festivities or to help victims of natural calamities. They link to the spammer’s bank account as the beneficiary.
8 - Legal Scares

8 - Legal Scares

These emails will force the user to pay immediately to avoid legal actions. However, the activities mentioned in the email will most likely be unknown to the users.
9 - Top Authority or Executive Committee Staff

#9 - Top Authority or Executive Committee Staff

The email contains a spoofed email address and impersonates authorized entities in an employee’s organization. It requests information regarding the organization.
10 - Trusted Party Scams

#10 - Trusted Party Scams

The sender acts as the victim’s acquaintance and requests they open a malicious attachment or click on an infected URL. This may lead you to a malicious website.

Leave a comment

Your email address will not be published. Required fields are marked *

The ID is: 142998