Holidays and tragedies are like candy for phishers looking to make a quick buck at your expense. For example, back in 2007 in the aftermath of some extreme weather, emails flooded the Internet with subjects such as, “230 dead as storm batters Europe.”
Unsuspecting recipients who opened the attachments from this email were infected with a virus which came to be known as the Storm worm. This is what spammers and phishers commonly do, they use social engineering tactics which play to human emotion in an attempt to bait their targets.
After a high profile breach, attackers are quick to send sometimes very authentic looking notifications requesting personal financial details under the pretense that it is needed to setup credit monitoring or other identity theft protection services.
Around the holidays, the common ploy is to send fake e-greeting cards with malicious files attached. It is easy for consumers to become victims of such schemes but some basic security practices can drastically reduce the chances for infection around Mother’s Day:
- Emails with unusually poor formatting or grammar can be indicative of SPAM campaigns. This can include messages which are missing names (i.e. ‘Dear ,’) or non-descript greetings (i.e. ‘Dear Mom,’). Messages like this, particularly ones with file attachments or links, should be considered highly suspicious and ignored or deleted
- Email from unknown addresses with undisclosed recipients should not be opened especially if the message contains attachments
- If you received an e-greeting card for Mother’s Day, consider checking with your children to confirm whether the message is legit
- Always run anti-virus with up to date signatures. Just in case something inappropriate is clicked, AV has a good chance of preventing the threat from infecting your system. This is common knowledge amongst Windows users but it is important to also remember that Apple computers are not immune to infection. With a growing number of users buying into the Apple eco-system we are also seeing a large increase in malicious software targeting the OS X platforms
Be smart, be secure.
- Confessions of a LinkedIn Imposter: We Are Probably Connected
- Physical Security: Active Shooter Response
- The Broken Link Between Physical and Cyber Security
- Measuring Risk – Physical vs. Online
Check out Tripwire SecureScan™, a free, cloud-based vulnerability management service for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool makes vulnerability management easily accessible to small and medium-sized businesses that may not have the resources for enterprise-grade security technology.
The Executive’s Guide to the Top 20 Critical Security Controls
Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].
Title image courtesy of ShutterStock