The holiday season is always a time of heavy activity for cybercriminals, as they take advantage of the heightened emotions, increased shopping and travel activity, and busy preparations to create ripe targets for attacks. Many of the hallmarks of phishing and other cyberattacks are considered par for the course at this time of year, and targets are likely to be less suspicious of unsolicited messages and more willing to give or spend money. Recent data from DNSFilter reveals a marked increase in malicious domains related to the holidays, demonstrating the surge in attacks targeting holiday shoppers.
The Anatomy of Holiday Scams
During the holidays, scammers leverage tactics like fake shopping deals and promotions, using new shopping-related top-level domains (TLDs) like “.shops” and “.deals” in their malicious links. These malicious links are often used to deliver malware to target devices, steal money, or gather personal details. Like many social engineering attacks, these scams often include time-sensitive offers and exclusive discounts in an effort to manufacture a sense of urgency, causing targets to act quickly without considering security.
Historically, these attacks tend to peak around Black Friday and Cyber Monday. Malicious activity related to the holidays is primarily intended to deceive the target into performing a financial transaction or sharing credit card or bank details. Last year, Cyber Monday was a major day for these attacks, as a phishing domain with “cybermonday” in the name saw a sharp spike in activity on that day after a smaller—but still alarming—spike on Black Friday.
Why These Scams Work
These holiday-themed scams tend to work for a lot of the same reasons as other phishing attacks, with the holiday season simply heightening the effectiveness of their methods. “The holidays contain more travel and gift-buying activity along with heightened emotions, so there are a lot more psychological buttons available to hackers during this season of giving,” according to Mr. Mika Aalto, Co-Founder and CEO at Hoxhunt, a Helsinki-based Human Risk Management Platform.
While social engineering tactics like creating urgency and trust are used year-round, this time of year brings an additional sense of trust as phishing tactics echo seasonal norms. The holidays also carry a feeling of emotional generosity, making users more susceptible to scams involving gift-giving and charity. The increase in online shopping and reliance on digital transactions also makes targets less wary of this type of communication and activity.
The Broader Threat Landscape
Along with the surge in holiday-related scams, the election season has had a major influence on the threat landscape as well. Massive events like federal elections, rife with heightened emotions and misinformation, are fertile ground for scammers. Most of these election-related attacks happen in advance of election day in an attempt to influence votes.
In the wake of the election, threat trends show a shift in focus, targeting consumers and their wallets rather than voters and their opinions. Bad actors are always looking to score maximum payouts and benefit financially from their attacks. While there is a significant spike in domain traffic on malicious shopping-related domains at this time of year, activity leveraging these domains can extend far beyond the holidays to take advantage of unsuspecting consumers.
Practical Steps to Stay Safe
Organizations and individuals alike must take steps to protect against growing attacks at this time of year. Individual consumers should learn to recognize fake domains and phishing attempts by searching for the telltale signs of phishing messages, such as unsolicited communications from unknown senders, unfamiliar wording and awkward greetings, and typos or slight misspellings in email addresses and domains. They are also encouraged to independently verify any deals they are offered, especially if they seem too good to be true and confirm that they are using secure payment methods to carry out their transactions.
Businesses should employ measures like DNS security to filter risky content and block suspicious websites. It is also important to use proactive methods and policies to block malicious domains, secure sensitive areas and resources, and protect against malware attacks.
The Importance of Awareness
In addition to using tools to detect and prevent attacks, it is vital to reduce risks associated with the human element. Employees and customers can put an organization at risk if they are not educated and equipped to detect phishing attempts and use secure practices year-round. “The best way to fight cybercriminals is to combine technological defenses with vigilant practices,” says Krishna Vishnubhotla, Vice President, Threat Intelligence at Zimperium, a Dallas, Texas provider of mobile security solutions.
As holiday scams grow more sophisticated and effective, it is essential for both organizations and individuals to emphasize proactive vigilance in their efforts to protect against these scams. Maintaining security online requires understanding and practicing fundamental security best practices and considering cybersecurity in every interaction. Users are also encouraged to spread the word of holiday-related scams and help friends, family, and colleagues to understand the risks.
Keeping the Holidays Merry and Malware-Free
Protecting against the myriad threats that come with the holiday season demands awareness and caution. Malicious actors leverage shopping-related TLDs and social engineering tactics to take advantage of the goodwill, commercial activity, and bustling busyness of the holiday season. Whether they are attempting to simply extract money from their targets or deploy malware, these attackers can cause significant damage if businesses and consumers are not aware of the risks. It is crucial for individuals and organizations to prioritize cybersecurity during the holiday season.
