As the winter holidays approach, malicious spammers have ramped up their efforts, flooding inboxes with a surge of unsolicited emails and Christmas-themed scams, according to a Bitdefender report.
Key findings indicated a steady rise in Christmas-themed spam rates since November 13, with notable spikes detected around November 30 and between December 5-8, 2023.
Nearly 30% of unsolicited emails bearing Christmas themes from November 13 to December 12 were flagged as scams by Bitdefender Antispam Lab.
Bitdefender's analysis uncovered a variety of deceitful tactics, including impersonation of reputable brands such as Temu, Alibaba, Aliexpress, Carrefour, Kaufland, Edenred, Walmart, Kmart, Home Depot and cryptocurrency platform Binance.
Analysis reveals a geographical spread of these scams, with 29% of Christmas spam emails targeting U.S. users and 19% reaching individuals in Ireland.
France stands out as a top destination, receiving 13% of these spam emails, marking a 6% surge from the previous year.
Germany experienced a 7% increase, accounting for 10% of the spam, followed by the UK at 9%, Italy at 4% and Australia at 3%. Cybercriminals are capitalizing on consumer trends during the holiday season, luring victims with promises of free gifts, money and exclusive offers.
These scams often entail fake surveys that request personal information, disguised as opportunities to win prizes, with the aim of defrauding unsuspecting individuals.
Alina Bizga, a security analyst at Bitdefender, warned that interacting with or falling for Christmas-themed scams can result in significant financial losses, account takeovers and even identity theft.
The surge in online shopping combined with short-staffed security teams and distracted employees, make it easier for cybercriminals to catch users off guard during this time and trick them into paying fraudulent invoices, deploying spyware or ransomware on an organization's IT system.
She added that the use of AI and LLMs this year has also been a true game-changer for cybercriminals, as it allows them to create near-perfect phishing content over email, text and social media.
The Gift That Keeps on Giving Mika Aalto, co-founder and CEO at Hoxhunt, pointed out that seasonal scams continue to exist because they're successful for hackers.
Aalto noted that many employees use the same devices for work and for personal use, so opening a malicious link in a seemingly personal message could have catastrophic consequences for the organization.
Bizga pointed out that the weakest link in cybersecurity will always be the human target, which is why cybercriminals place so much emphasis on the craft of social engineering.
For organizations, regular security training that covers social engineering awareness is a must, along with periodic mock phishing tests to help gauge employee resilience against evolving scams.
For the individual, having the right security on all devices and paying close attention to any unsolicited communications will go a long way.
This Cyber News was published on securityboulevard.com. Publication date: Fri, 22 Dec 2023 14:43:17 +0000