The holiday season is here, and so is the yearly holiday surge in phishing and cybercrime. As gift-givers look on the internet for the best deals, cybercriminals put in work to help profit off the craze of holiday shopping. Cybersecurity researchers report that this holiday fraud cycle has become more prevalent in recent years. The constant transactions and shopping patterns have created a lot of opportunities to capture payment data to attempt any fraudulent transactions. To learn which phishing tactics you should keep a close eye out for this season, read on!
Phishing Tactics
Phishing activities experience a spike each year around the holidays, and this year is no different. Online shopping continues to reign supreme, so it’s as important as ever to keep your eyes peeled for suspicious activities online. The use of e-commerce phishing URLs has increased steadily over the last few years, and it will continue. The holidays are primetime for cybercriminals, who are trying to do everything from order confirmation email scams and SMS to enticing fake promotional offer emails.
Domain Impersonation and Promotional Scams
Many phishing emails are paired with convincing domain personation scams that at simple e-commerce operations by running lookalike retail impersonation sites that are both large and small brands. Plenty of them are tied to different social media impersonations. They usually promote “unbeatable” deals and a sense of urgency with any “limited-time deals” that could convince consumers to give up a payment deal.
Credential Stuffing Attacks
Criminals work overtime to direct some automated bots to carry out credential stuffing attacks that try using credentials stolen from one website on a handful of other websites in case the victim uses the same passwords. These bots carry out account takeover attempts reach their peak in early December, and they can represent a big portion of retailer traffic during this time. Usually, the human-to-bot ratio on these login pages is around two to one on a typical day, but it is about one to twenty during the holidays. If you’re running an e-commerce website, a correct network security plan or firewall installation could prevent a lot of these bots from gaining access to your own website.
Advertisement Fraud Attempts
After attackers have harvested accounts and started to monetize with card fraud, they will transition the bot activity onto another venue, which is advertisement fraud. This usually happens right after Cyber Monday and continues to increase yearly. To learn how we at En-Net Services can help you around the holidays, give us a call today!
En-Net Services Can Help Today
Experience a superior method of getting the public sector technology solutions you need through forming a partnership with En-Net Services. Our seasoned team members are familiar with the distinct purchasing and procurement cycles of state and local governments, as well as Federal, K-12 education, and higher education entities. En-Net is a certified Maryland Small Business Reserve with contract vehicles and sub-contracting partnerships to meet all contracting requirements.