How to avoid the festive phishing season
By Heino Gevers, security specialist at Mimecast.
The festive season might be a time for relaxation and celebration for most, but as they say, there's no rest for the wicked. In fact, it's the time of year when cyber attacks become more prevalent, says Heino Gevers, security specialist at Mimecast.
According to a survey conducted by managed security services provider Network Box, phishing attacks accounted for more than 50% of all the online criminal activity last December.
Phishing has invaded our inboxes for many years and cyber criminals continue to bombard us with ever-more convincing e-mails to con the unsuspecting into revealing personal information (most often, banking or credit card details). "Festive season cyber crime" started with fake e-card scams, but antivirus and anti-malware programs developed quickly to prevent most of these threats. In turn, cyber criminals quickly realised they needed to prey on something more fallible: the curiosity of the user.
The term "curiosity killed the cat" rings true here, because even if something doesn't look legitimate, e-mail users are often still curious enough to click without caution. Countless users fall victim and e-card scams have mutated into a bigger monster. Phishing is still a dangerous and viable method for targeted threats.
Over the festive season, many retail stores send e-mails with specials and discounts to their customers. Cyber criminals pick up on these and create duplicate mails or sites that look identical to the real thing. Unfortunately, this type of phishing is relatively easy to do and can result in a goldmine for the phishers.
How to keep safe
With so many bargains popping into your inbox over the festive season, it becomes incredibly difficult to identify what is legitimate and what isn't. Possessing an e-mail solution that consists of targeted threat protection is necessary, but there are a few other measures that can be taken to keep you safe over the festive season:
* Be sceptical of any specials sent via e-mail. Never click on links blindly ? rather scrutinise the source, check the sender's address as well as the Web site URL. If the special looks too good to be true, it probably is.
* Only buy from reputable suppliers and vendors. Avoid any retailers that look like they might be fly-by-night operations and those with which you're not familiar. Check for contact details and give them a call first if you're uncertain.
* Don't access specials directly via e-mail. When in doubt about the legitimacy of a special, go to your browser and type in the URL to go to the site directly. Specials will usually be loaded onto the sites as well.
* Use loyalty points and reward programs as a currency when purchasing online. Loyalty points and reward programs aren't directly linked to your account information. Most people would take losing loyalty points over having their bank account cleaned out in the case of a phishing scam.
* Research and be aware. Do your research and find out if any recent phishing scams have been in the news and who is at risk. Be sure to see which retailers are the most targeted, too.
In order to take a preventive approach against cyber crime, we need to educate ourselves and our family about the dangers of the Internet. Be safe over this festive season.
Heino Gevers is a security specialist at Mimecast and has nearly a decade's worth of expertise in unified e-mail management and enforcing security policies and rules across multiple platforms.