While your users are getting ready for their next beach vacation, cybercriminals are preparing for their opportunity to strike. Check Point Research warns about this and common phishing attacks related to summer vacations.
According to the research company, "In May 2023, the period running up to summertime, 29,880 new domains related to holidays or breaks were created. This represents a 23% year-over-year increase compared with the same period last year, when 24,367 new domains were created. Of those websites that went live, 1 in every 83 were either malicious or suspicious."
They also observed several phishing campaigns with some examples of an approved vacation request for time off and a fake announcement on the annual and summer open vacation plan for this year. Below is an example of what your users should look for:
Source: Check Point Research
There are going to be more summer scams to come and this season has just begun. I suggest you send the following alert to your users:
Summer is here, which means cybercriminals are going to attempt to trick you into falling for their common tricks. Make sure to watch out for these warning signs:
Make sure you're staying safe this summer and ALWAYS Think Before You Click!
- Emails that sound 'too good to be true' for an all expense paid trip probably are
- Look out for domains that have any misspellings or additional letters
- If the URL doesn't start with HTTPS, it's most likely not legitimate
Continual end user education is essential, especially when your users' guard may be down this summer. If your organization hasn't taken advantage of new-school security awareness training, now is the time to start.
