If increases in cyberattacks this year are any indication of what to expect in the next six weeks of holiday shopping, we should expect a massive uptick in holiday-related scams.
The expectation by the National Retail Foundation for this year’s holiday shopping is that we will see 4% more spending than last year. This is a slight year over year decrease (as last year saw a 5.4% increase over 2021), but still indicates increases in spending.
And all that spending means lots of time spent online, checking emails, looking for packages that haven’t arrived yet, and charitable opportunities for those in the giving spirit – just what cyber scammers are planning on taking advantage of. Whether we’re talking about specific notable holiday dates like Black Friday, Cyber Monday, and Giving Tuesday or are simply realizing that these days more reflect the general spending and giving mood this time of year, the opportunities for cyber scams will once again abound.
Some of the general themes to warn your users against:
- Holiday specials (that are too good to be true)
- Shipping issues with one of “your” packages
- Fake invoices or notifications for purchases you actually never made
- Heavily discounted Gift Cards (see “Holiday Specials” above)
- Fake Charity websites and emails seeking your donations
In all these scams, the first step is to check to see if the brand claimed within the email or website (e.g., Amazon, UPS, Apple, etc.) is legitimate by looking at the sender address in emails and the URL of any involved websites. Second, you can further put a potential scam to the test by going to the known-good domain for the claimed brand and validating the claim made in the scam (e.g., visiting Amazon’s official website and looking at your orders to see if that invoice for a $3500 105” TV is really a purchase on your account).
There will no doubt be plenty of other scam themes I haven’t listed above; the important thing is to remain vigilant and err on the side of caution believing any exceptional good or bad news related to the holiday season is assumed to be a scam first until proven to be legitimate.
KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.