The holiday season is fast approaching! While the holidays bring a lot of joy to many people, it’s also true that the holidays are a threat to businesses and consumers alike. Fake offers and notices flood corporate and personal emails, mobile devices and social sites. And scammers know people are distracted and they cleverly cloak their bad intent as legitimate holiday commerce.
Threat actors exploit user shopping habits
Users will be spending more time online, outside of the confines of a corporate network and receiving numerous offers via email and text. Cyber criminals have been relentless this year and will certainly take advantage of holiday shopping; and this year, people will be shopping virtually like never before.
As such, it’s perhaps more important than ever for consumers to brush up on online shopping tips and cybersecurity best practices. But it’s also helpful for online shoppers to see what phishing attacks, social media scams, and other tricks and traps look like in practice. It’s similar to the idea of “putting a face to a name”; visual cues can lead to a stronger connection and, in the case of security awareness, give users a better sense of how to put best practices into action.
Here are examples of common holiday phishing and social scams:
Fake Notifications From Retailers
Unfortunately for large retailers like Amazon, their size and reach make their brands the perfect
vehicles for social engineers. Because consumers frequently get emails from a company like
Amazon, they can mistakenly assume that any email that looks like it’s from Amazon is legitimate.
Phony Shipping Notifications
Phony shipping emails are perennial favorites for attackers, and they become more frequent during the holidays. We again see social engineers tapping into fear; after all, nobody wants there to be a problem with the merchandise they’ve ordered or packages they’ve shipped.
Fake Social Media Ads
Cybercriminals benefit from consumers’ misplaced trust in social media channels. In surveys we conducted for our User Risk Report, we found that many social users mistakenly believe that outlets like Facebook, Twitter, and Instagram approve business pages before they go live on the platform.
Time to Remind! Leverage the Proofpoint Holiday Security Awareness Kit to Raise Awareness of Seasonal Threats
Cybersecurity best practices and users are critical to maintaining strong security postures. To help organizations raise awareness of the holiday season scammer activity, we’ve curated a selection of free resources to support your user’s safe computing during the 2020 holiday shopping season.
The Proofpoint Holiday Security Awareness Kit provides written, visual and video content that can be emailed, displayed, posted or presented throughout the season. You’ll find descriptions on how to use the materials and we provide a suggested communication plan and schedule. Here, you’ll find guidance and tips for successfully and executing a holiday awareness campaign with the materials provided.
Here is the link: Proofpoint Holiday Awareness Kit
Holiday Security Awareness Kit Materials
The best timing for launching your program is now. In this complementary kit, we provide a sample (4) week rollout of the holiday kit to help your users stay safe!
– Week 1: Launch the program
– Week 2: Webinar reviewing safe practices during the holiday season
– Week 3: Fun, short videos to help reinforce learnings
– Week 4: Reinforcement of safe WFH practices
*And Check Out Our Security Awareness Training Content
Want to see Proofpoint Security Awareness Training’s full Content Library? Download our content solution brief.