US-CERT alerted users to stay aware of online shopping frauds and malware campaigns that mimic popular brands, fake advertisements and offers.

Attackers can deliver sophisticated malware through email campaigns that result in financial loss, security breaches & loss of PII.

“As this holiday season approaches, the Cybersecurity and Infrastructure Security Agency (CISA) encourages users to be aware of potential holiday scams and malicious cyber campaigns, particularly when browsing or shopping online,” says CISA.

CISA also warns that threats actors may send a spoofed email requesting you to support for fraudulent charities or causes. Users should be vigilant in accessing those emails.

Holiday Online Shopping Frauds

Europol warns users to be aware of ads in instant messaging or social media that claim to be offering tickets, email advertisements and gift cards received. “Think twice before clicking on any emails as they could direct you to a fraudulent site or infect your device with malware.”

It is always recommended to buy the tickets from the official website, venue’s box office, reputable ticketing website or through official agent or partner.

Beware of the advertisements that offering you a service at a very low price and ads that urge you to pay quickly for additional discounts.

  • Before making bookings, check it is a reputable website.
  • Ensure the payment processed over HTTPS.
  • Check for user reviews
  • Pay attention to the website name and domain
  • Check for website contact details and validate them

Holiday Malware Campaigns

Users should be aware of unsolicited emails that contain malicious links or attachments as malware, links for the malicious site or fraudulent domains.

Beware of the Fake apps that promises you to get additional discounts, these bogus apps may enter into official play store also, be careful while installing those apps. It’s easier anyone can fall prey into cyber scams, always go with the reputable vendor.

  • Avoid clicking of links or opening attachments.
  • Use reputable Internet Security products.
  • Don’t use public Wi-Fi.
  • Beware of social media pleas, calls, texts and websites.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.