Cyber thieves love the holidays


They know how busy people are and they count on people reacting to things in their email that might normally make sense this time of the year. Here are 12 techniques / suspicious emails to watch out for to protect both your business and home computing devices:

  1. Secret Santa messages – chances are, you don’t have a secret internet Santa, so don’t click the link to find out who it is or what they got for you.
  2. iTunes gift certificates (or other, Apple is one of the most phished brands) – watch out for emails saying someone gave you a gift certificate and to click on the certificate to claim it. Check with the sender first.
  3. E-cards with mismatched links – if the link in the email isn’t from the e-card company’s site (look at the domain name), it’s probably not something you should open.
  4. Surveys that offer gift cards – thieves are counting on the fact that you’d like to buy more gifts or give gift cards this time of year. Filling out surveys is an easy way to get your personal information in general.
  5. Links to “hot” deals or coupons for Black Friday or Cyber Monday from major retailers that aren’t from the retailer’s site.
  6. Direct Deposit Cancellations – Don’t click, call your bank.
  7. Package Not Deliverable – if you get a message saying you’ve got a package waiting, call your local post office, and don’t “print out the postage label”.
  8. Fake flight confirmations / updates or hotel changes / extra charges – these will usually involve the major airlines or chain (like Delta, American Airlines, Hilton, Marriott) and will try to get you to click on a link. Call the airline or hotel.
  9. Charity requests – especially if you talk about the charity in your social media (targeted message), make sure to confirm the campaign with the organization directly before contributing.
  10. Work from home programs for extra holiday money – be wary of giving out your info without checking organization.
  11. Holiday Screensavers – many sites like this (holiday or otherwise) may contain malware that you’ll be downloading with your screensaver or other images.
  12. Emails / links offering live streaming sports (bowl games, etc.) – once they get your email, they’ll look for additional ways to send more malicious emails, if they don’t direct you to sites with malware directly.

And special for this year –

  • Star Wars Ep 7 Tickets / Events – scammers are on the Dark Side…
  • Chip embedded credit/debit card requests – your financial institution won’t need you to fill out a form with your account information to get one of the new cards.

Also, avoid videos related to the recent Paris tragedy, as threat actors commonly weaponize “unseen video” or similar messages about major news items.

When in doubt, be very careful opening anything where you don’t know the sender (this goes for Facebook and other social sites) and, if it seems too good to be true, make sure the person meant to send it to you before you click. Please report any suspicious activity to the LANPRO HelpDesk ( immediately.

[Credit Michael O’Doherty of Cushman & Wakefield]

Have a Cyber-safe Holiday Season!

Your friends at LANPRO Systems, Inc.