Avoid Malicious Spam and have a very Merry Christmas
Christmas is a particularly prevalent time for malicious spam messages. In addition to the regular email phishing, phones are also targeted through SMS Phising (smishing) and malicious links embedded in popular messaging apps. Another popular attack vector with cyber criminals is fake refund or shipment tracking sites that attempt to harvest credentials from unsuspecting members of the public. The success of these tactics is based on the increased likelihood of users using an online platform to purchase goods over the period, coupled with the increased urgency people feel to track their purchased goods in order for them to arrive in time for Christmas. This can lead some users to being less vigilant about clicking links and visiting sites than they might otherwise be throughout the year.
IT.ie advises you to review the following points:
- Christmas messages from an untrusted source that asks a user to click a link, play a video/audio file etc. should not be viewed. Even if the source is trusted extreme caution should be exercised as the source itself may have been compromised.
- Do not enter your account credentials if you receive an unsolicited email pertaining to be an online shipment company without verification first. In the event of users wishing to query the status of a particular item they should take note of reference numbers etc provided at the time of original purchase and ensure that these match any subsequent correspondence.
- Be particularly vigilant around new-year and Christmas eve when the volume of messages both legitimate and malicious increase greatly with people sending seasonal greetings
- Be vigilant when purchasing goods online, when browsing, make sure each site you visit starts with “HTTPS” (S stands for Secure)
- Deploy Two Factor Authentication (2FA) on all of your personal accounts where possible
- Secure your mobile devices:
- Make sure to update the device software and applications to the latest version
- Select the most secure settings on your device
- Do not reuse the same password across different accounts and create strong complex passwords.
It should be noted that even the most advanced threat actors use these methods, particularly at this time of year, to gain unauthorised access to networks or at the very least steal users’ credentials. If you have any concerns please don’t hesitate to contact us on 01 8424114 and we’ll be happy to put you mind at ease.