Top 5 cybersecurity threats to look out for this holiday season

The festive season is well and truly underway, and with it comes the slew of shopping and gift-giving. Despite the generally positive attitude around this time of year, one area that needs to remain cautious is cybersecurity. As users are inundated with tempting online offers, they open themselves up to a number of holiday-related attacks that are designed to catch them unaware.

Retail as well as online shopping experiences a huge surge from November onwards, when tempting sales and markdowns drive consumers to spend on holiday deals and give generously to various charities. Online shopping has seen a massive uptick during the start of the Covid-19 pandemic, and that trend has been maintained well into 2022.

This growth has attracted new cyberthreats, with scammers taking advantage of unsuspecting shoppers in a variety of ways. To better understand how these threats operate, here are five cybersecurity threats to look out for this holiday season.

1. Fake ads and malicious links
This is the time of year when scammers zero in on targets who are searching for the best markdowns and bundle promotions, trying to spread their money further. Scammers run fake ads showing valuable and hard-to-get items at incredible prices. If a sale site seems sketchy, check for inconsistencies in spelling and language. Confirm that the website includes comprehensive policies on shipping, returns, customer support, and privacy. Check if the site is trusted by looking for “https” at the beginning of the site’s URL and ensure there is a closed lock or unbroken key icon.

2. Fake discounts and coupon code apps
Scammers will go to great lengths to obtain sensitive information. Other than hosting fake ads with bad links, they also build fraudulent applications that claim to search for and consolidate discount codes and coupons from popular brand names. Shoppers should look up the details of a developer’s identity. If it’s not obvious who they are and where they trade from, walk away. Use a security product to check if the application is known malware, or use public malware checking sites to check an application or suspicious file’s reputation.

3. Holiday email scams and phishing campaigns
The holiday season is rife with phishing scams as cyberthreat actors take to hiding amongst the throngs of legitimate emails from big brands. When reading emails, inspect link addresses before clicking on them. Scammers often use URLs that look similar to real ones, replacing letters and spacing with numbers and punctuation or using odd domains.

4. Fake charity sites and scams
Scammers will often take full advantage of people’s generosity during this time of year by spoofing the phone numbers of legitimate charities and impersonating the agents to ask for donations. Be wary of these solicitations whether online, via phone, or even in person. The safest way to donate to a charitable organisation is to reach out to them proactively, or simply donate through their official website.

5. Fake offers for seasonal work
Businesses often hire in advance of the busy holiday season. Scammers in these schemes impersonate HR representatives, recruiters, and even senior managers of real companies and post help-wanted ads via email or on social media platforms. Receiving a job offer right away after applying and without an interview is another common red flag. Only give personal information directly related to the application process after you have met in person or over video with a member of the company’s HR department.

Cybersecurity is crucial for everyone
We have covered many common scams that day to day consumers face during the holiday rush, but it’s important for businesses to protect themselves and their customers from cyberthreats, too. During the holiday season when threat actors are more active, businesses may equally find that they are understaffed and dealing with heavy demand.

It is important to keep up regular cyber hygiene and be wary of things that seem a little too good to be true. Practicing good online habits such as keeping personal identifiable information and payment data private and double-checking site, link, and app validity can save shoppers from much grief during what should be a joyful season. We hope the tips offered will help everyone stay safe during the festivities!

Tamer Odeh is the regional sales director at SentinelOne

Read: Awareness and cooperation key to warding off cyberattacks