For businesses: 4 tips to avoid email scams in the holiday season
Updated at: Dec 03, 2020
We know and you also know that the holidays are an awesome time for everyone, including cybercriminals.
It's when people are lowering their guard, thinking about the year that is about to end, receiving emails with discounts and promotions, and also preparing for shopping.
Inside the companies, the scene repeats itself.
Employees are finalizing the last obligations of the year and receiving various emails with requests, offers, gift cards and thank you messages. It’s precisely at these festive times of the year that the volume of phishing and spear phishing emails usually increases.
How to prevent email scams in the business
Every year we hear of companies and people who fall into email frauds during the holiday season. What we say here at Gatefy is that there isn’t such a thing as a best time of the year to protect yourself.
You need to be protected year-round no matter what. This means that your business also needs to be protected all the time.
Here we have a list to help you avoid email scams during the holiday season. Share some of these tips with your employees and coworkers.
1. Gift cards scams
To get started, beware of free gift card emails. Most of the time, this is a phishing scam to get sensitive information.
Now think of another typical example of gift card scam: an employee receives a request from a director to buy gift cards for business reasons.
The employee buys gift cards, but he doesn't realize that the message didn't come from the director. He was lured and deceived by a cybercriminal who compromised and spoofed the director's email and impersonated him.
This is a BEC scam (Business Email Compromise), a type of advanced and targeted scam.
2. Spoofed websites
Thousands of phishing sites are created daily. They are replicas almost identical to the original ones. Then the hackers use email campaigns (or phishing) and social networks to spread them.
So beware of fake domains. Just to give you a real example: www.ray-ban.com isn't the same as www.rb6.us.
When it comes to companies, a fraudster can create a fake website of a partner and send an email to an employee requesting him to update the company's data and the payment information.
3. Shipping scams
This is another popular type of phishing attack. Criminals use the name of well-known companies, such as UPS, FedEx, Walmart, and Amazon, to apply scams in the shopping and shipping season.
4. Awareness training
We've been talking a lot about security awareness. It's critical to keep your business protected.
Most cyberattacks begin with human failure. That said, gift card scams, spoofed websites, and shipping scams will only succeed if someone falls into the fraud.
So train your team to recognize the main characteristics of threats.
Bonus: email security solution for companies
As we say, it is always good to be prepared and protected. The whole year, of course!