When the holidays come around, many of us are busy with planning, gift buying and decorating, oftentimes forgetting to be diligent when accessing the web. Cyber criminals are well aware of this and are getting sneakier and changing tactics – moving from malicious attachments to “watering hole” style attacks that lure victims to a trusted […]
When the holidays come around, many of us are busy with planning, gift buying and decorating, oftentimes forgetting to be diligent when accessing the web. Cyber criminals are well aware of this and are getting sneakier and changing tactics – moving from malicious attachments to “watering hole” style attacks that lure victims to a trusted (but compromised) URL destination.
During this time of year, people make more online transactions than usual, so it’s essential to be extra careful when sending financial and/or personal information, even to sources you think are reputable. While you may think you are saving time having a website save your details or registering with a website, make sure you think about how many new ways you are opening yourself up to having those details stolen should those sources become compromised by attackers. Not taking these steps to protect yourself could turn a morning of building your sweet new Lego Millennium Falcon into months of picking up the pieces of your now-stolen identity.
In this slideshow, AlienVault has identified common phishing traps users should avoid.
Click through for tips on how to avoid phishing email scams, provided by AlienVault.
Go to the website from your browser and look for the promotion. Unless the website has been hijacked, which the business hopefully notices soon, this is the safer route. While not perfect, going directly to a website is preferable to clicking on links in emails.
This may seem obvious, but your best defense is to pay attention when surfing the web. This includes knowing what sites you are accessing, who you are giving your personal information to, and what files you are opening.
If you get an email from your bank, doctor, house/auto lender, etc. that is asking you to supply personal information, take steps to verify the origin of the email. Contact the purported sender directly (don’t click on the ‘customer support’ link as it may redirect you to a malicious site) and see if they actually sent out that email. Doctor’s offices, banks, and other financial institutions are actually pretty good about not sending or soliciting information over email so, chances are, someone is trying to take you for a ride.
Is there a link in the email that the sender wants you to click? Read the URL a couple of times and make sure you are going to paypal.com and not peypal.com. You can also hover over the link or right-click copy/paste the URL into a text file to make sure that the “link” isn’t just a text label disguised as the URL. If the link is using URL shortening links, such as bitly, use extra caution.
While today’s malware and antivirus scanners can usually catch the majority of malicious executables, it’s really easy to alter the makeup of an existing file to the point where it can evade detection. Over the busy shopping period, you will probably get an array of “delivery” or “shipping” notices as normal. One technique attackers use is to disguise these as malicious attachments. Most online retailers will send these as the body of the email, so think carefully before opening an attachment.
The go-to resource for IT professionals from all corners of the tech world looking for cutting edge technology solutions that solve their unique business challenges. We aim to help these professionals grow their knowledge base and authority in their field with the top news and trends in the technology space.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
