THE 360 NEWSLETTER

Have you already started your holiday shopping? Hackers have already thought of their strategies to attack you as soon as they get the chance! The holiday season is a time when we are more vulnerable because we are in a hurry and busier.

However, we must not let our guard down, because cybercriminals redouble their efforts to take advantage of loopholes and we have noticed a marked increase in attacks during that time of year. Indeed, cybercriminals take advantage of certain specificities of the holiday season to adjust to their target, such as:

• Consumers’ anxiety about backorders;
• The search for the best deals;
• The beginning of the research, which is done earlier due to longer delivery times;
• The line between work and our personal life that is more than ever reduced with telecommuting.

Do you know what techniques are most commonly used?

Big brands are often used in cyberattacks. They are easy and lucrative targets due to the large number of people who buy from them. Be even more vigilant when you receive emails from companies such as Costco, Amazon or delivery companies (e.g., UPS, FedEx), etc. Check the source link to make sure the email is indeed from these companies. We have also noticed an increase in attacks via text messages (“smishing”) and by telephone (“vishing”). So, the entry door is not only through email.

Let’s take a look at a few examples of frauds that are often put forward:

• You have to pay an extra $3 if you want to receive your package on time (widely used with delivery fees);
• You must click here if you want to receive your package;
• A request that prompts an action (e.g., complete the survey and win $$);
• The use of the anniversary of some companies (ex: to celebrate our 20th anniversary, we offer you...... just click on this link…);
• A bargain, or the chance, to find a pet (much sought after during the holiday season and harder to find since the pandemic);
• Travel is also a great source of fraud (e.g., fake discount tickets for Disney, car rentals, opportunities for good deals).

What should you be on the lookout for?

• If someone won't talk on the phone;
• A non-traditional payment method;
• Prices that are too good to be true.

In short, the holiday season is the perfect combination for cybercriminals: easy targets, in a hurry, looking for bargains, willing to do anything to find their gift in time for Christmas. A perfect cocktail to make you vulnerable! We, therefore, invite you to be extra careful and to take the time to validate the senders of the messages, not to disclose your personal information, not to open suspicious attachments and to report any email that seems malicious via the report button in your email box. These good practices are as valid at iA as in your personal life, so be vigilant at all times! This way, you will have a safe holiday season!

Should you require additional information about this article, please contact the iA Information Security Awareness team, by email at ISawareness@ia.ca