Holiday Season Phishing Scams and Malware Campaigns

["US-CERT" <US-CERT () ncas us-cert gov>]

NCCIC / US-CERT

National Cyber Awareness System:

Holiday Season Phishing Scams and Malware Campaigns [ 
https://www.us-cert.gov/ncas/current-activity/2013/11/19/Holiday-Season-Phishing-Scams-and-Malware-Campaigns ] 
11/19/2013 04:10 PM EST 
Original release date: November 19, 2013

As the winter holidays approach, US-CERT reminds users to stay aware of seasonal scams and cyber campaigns, which may 
include:


  * electronic greeting cards that may contain malware 
  * requests for charitable contributions that may be phishing scams and may originate from illegitimate sources 
claiming to be charities 
  * screensavers or other forms of media that may contain malware 
  * credit card applications that may be phishing scams or identity theft attempts 
  * online shopping advertisements that may be phishing scams or identity theft attempts from bogus retailers 
  * shipping notifications that may be phishing scams or may contain malware 

US-CERT encourages users and administrators to use caution when encountering these types of email messages and take the 
following preventative measures to protect themselves from phishing scams and malware campaigns:


  * Refer to the Shopping Safely Online [ http://www.us-cert.gov/cas/tips/ST07-001.html ] Cyber Security Tip for more 
information on online shopping safety. 
  * Do not follow unsolicited web links in email messages. 
  * Use caution when opening email attachments. Refer to the Using Caution with Email Attachments [ 
http://www.us-cert.gov/cas/tips/ST04-010.html ] Cyber Security Tip for more information on safely handling email 
attachments. 
  * Maintain up-to-date antivirus software. 
  * Review the Federal Trade Commission's Charity Checklist [ 
http://www.ftc.gov/bcp/edu/pubs/consumer/telemarketing/tel01.shtm ]. 
  * Verify charity authenticity through a trusted contact number. Trusted contact information can be found on the 
Better Business Bureau's National Charity Report Index [ http://charityreports.bbb.org/public/All.aspx?bureauID=9999 ]. 
  * Refer to the Recognizing and Avoiding Email Scams [ http://www.us-cert.gov/reading_room/emailscams_0905.pdf ] (pdf) 
document for more information on avoiding email scams. 
  * Refer to the Avoiding Social Engineering and Phishing Attacks [ http://www.us-cert.gov/cas/tips/ST04-014.html ] 
Cyber Security Tip for more information on social engineering attacks. 
  * Refer to the Holiday Traveling with Personal Internet-Enabled Devices [ http://www.us-cert.gov/ncas/tips/ST11-001 ] 
Cyber Security Tip for more information on protecting personal mobile devices while traveling over the holidays. 
________________________________________________________________________

This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy 
& Use [ http://www.us-cert.gov/privacy/ ] policy.

________________________________________________________________________

OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ 
http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ 
http://www.us-cert.gov/related-resources ] 

STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]