It's the most wonderful time of the year – for holiday cheer, of course, but also for cybercriminals who use the season as leverage to manipulate their victims.
Like holiday music playing in department stores and decorations adorning your neighborhood, themed cyberattacks start around Thanksgiving and continue through Christmas. "These scams ride the wave of the holiday season, when users are more inclined to purchase online," explains Jerome Dangu, co-founder and CEO of Confiant, which has analyzed seasonal cyberattacks.
Most criminals aim to capitalize on the shopping frenzy that is the holiday season, and methods vary from victim to victim. Consumers are hit with fake delivery notices in phishing emails and credit card fraud; brands are targeted with malvertising campaigns and watering-hole attacks.
Holiday season cyberattacks are on pace to escalate by nearly 60% this season, states Carbon Black's Threat Analysis Unit (TAU) in this year's "Holiday Threat Report." Analysts considered the 2017 season for comparison: After Thanksgiving, notable security alerts spiked on Black Friday/Cyber Monday and continued at elevated levels through year's end.
Think you're safe after Christmas? Think again. The high point for seasonal crime happens in the days following Dec. 25, when people are taking advantage of post-holiday deals.
Here, cybercrime experts describe the threats that are top of mind for them during this year's holiday season. Read on to learn more about what you and your employees should watch for.