Cybersecurity Threats during the Holidays

October heralds the onset of the holiday shopping season, with everyone excitedly preparing for year-end celebrations. However, this festive period also ushers in the less cheerful holiday phishing threats. During the busy season, as organizations are preoccupied and shoppers and donors become more active, cyber attackers find an ideal window to launch their schemes. The seasonal rush creates a prime opportunity for these malicious actors to exploit vulnerabilities. These digital Scrooges are known to increase their phishing efforts, with incidents spiking over 50% above the yearly average from October through January. Beware the ‘Bah! Humbug!’ of cyber crime this season.

Christmas Computer Cybersecurity

Here’s an early gift that will hopefully make your holiday season a bit less phishy. Be on the lookout. Winter is coming.

Phishing Trends

  • SAAS AND WEBMAIL PRETEXTING.
    • Phishing emails that purport to be from popular software-as-a-service (SaaS) and webmail services, such as Microsoft 365, G Suite, and DocuSign.
    • To steal your credentials by presenting you with fake login pages, prime for credential harvesting.
    • report by APWG found that SaaS and webmail services’ pretexting jumped by more than 15% between Q3 2018 and Q1 2019.
  • HTTPS PHISHING.
    • Malicious websites using SSL certificates.
    • To trick you into trusting malicious links, based on the misconception that a URL appended with “HTTPS” is safe.
    • report by APWG found that between Q1 2018 and Q1 2019, the number of phishing websites using SSL certificates increased by more than 20%.
  • BUSINESS EMAIL COMPROMISE (BEC).
    • Phishing emails may appear to originate from someone within your organization, like your boss or a co-worker. Noticeably, these emails often do not include any links or attachments.
    • To convince you that the sender is someone you know and trust, to solicit compliance with requests for wire transfers, gift cards, or information.
    • The FBI has reported that BEC has cost victims more than $23 billion since 2016, with a 100% increase in losses between May 2018 and July 2019 alone.

As we embrace the joy and bustle of the holiday season, let’s not forget to safeguard our digital well-being against holiday phishing threats. With cyber attackers particularly active from October through January, remember to stay vigilant. This season, while we spread cheer and goodwill, let’s also spread awareness and caution to ward off the digital Scrooges lurking in our inboxes.


About CIT

CIT Careers

Rooted in Minnesota with innovators nationwide, we’re tech problem-solvers & solution providers. From cybersecurity to support engineers, we’re powered by passion & precision, aiming to transform adversity into advancement. Together, let’s redefine the digital horizon.

Get in contact: email us at info@cit-net.com or call 651.255.5780

Copyright: © 2024. All Rights Reserved.

CIT is designated autism-friendly by autism speaks