With Black Friday and Cyber Monday just around the corner, email users can expect a substantial increase in the amount of marketing emails from the online retailers, sites and services that they use. Unfortunately, just as companies are ramping up their holiday marketing efforts, spammers and scammers are likely to increase theirs, looking for ways to catch consumers napping, or at least not paying as much attention to who sent the email, what is in the email and where the email links will take them.
Below are a few suggestions for how consumers can stay safe this holiday season;
1. Don’t be fooled by the packaging – Many spammers make significant efforts to make their emails look similar to the variety of emails consumers receive every day from their favorite sites and services. Popular brands, including Facebook, Amazon.com and eBay have been spoofed in recent spam and phishing campaigns that lure recipients into clicking on links or opening attachments. In some instances, that single click has infected computers with viruses with the sole purposes of stealing confidential financial information. It is important that consumers look beyond the way the email looks before they respond and fall victim to an attack.
2. Read the label – Consumers need to pay attention to the name of the person or organization sending the emails. If it is from someone or an entity that you don’t know, delete it. If the name in the “from field” is someone you trust, look at the email address to make sure it matches emails that you know and trust. Even in this instance however, recipients will need to be vigilant in reading the entire email to be certain the email is legitimate. Spammers have been successful at gaining access and control to computers with malware, and then using those hijacked systems to send out emails. Unfortunately, when people receive emails from other people that they trust, they tend to let their guard down.
3. Look for spelling and grammatical mistakes – While spammers are technologically savvy, many are bad spellers and have a difficult time forming correct sentences, especially in English. The combination of one and two above with the poor grammar should raise a red flag. Big retailers spend a significant amount of time proof reading their marketing materials for accuracy, so it is unlikely that they will commit the same mistakes as spammers.
4. Mouse-over the links – One of the easiest things to do before clicking on a link is to simply place your mouse arrow over the link to find out where the link will take you once it opens a browser window. The highlighted words and the actually link will likely be different in spam. While spammers are getting more sophisticated in masking their links or simply redirecting links once they are clicked on, combining suggestions one, two and three above with this suggestion will help to protect you from clicking on a link that will take you to malware infected page or installing a virus with the single click.
5. Do not unsubscribe – If you want to stop receiving future email messages, most sites and service include a way for you to unsubscribe. This simple link is required by law, and spammers know that. Spammers will include this link, but clicking on it may actually increase the amount of spam you receive and/or trigger a malware executable. When in doubt, simply delete the email. Like a phone message, if the email message was important, they will send a second one.
6. Avoid holiday e-cards – During the holidays, e-card sites are among the most popular targets for scammers. Rather than being a friendly greeting from a friend or family member, the link to the card may take you to a site trying to sell you something or to a page infected with malware. Look at the greeting for your name. If it’s not there, it is likely the person sending it doesn’t know who you are.
7. Be leery of charity email solicitations – Just as retailers and other sites and services are targets of spammers spoofing efforts, during the holiday season charities that bear the brunt of cybercriminals’ attention. Many charities issues warnings about fake campaigns, and recommend going directly to the organization’s websites to make donations. Even if the emails say “Click Here to Donate,” experience suggests that you would be better off finding the organization’s website through a search engine rather than clicking on the link.
In addition to being vigilant about the emails that you open, the links you click on and the attachments you open, you need to protect yourself with email security solutions that can keep pace with the level of sophistication and volume of spam that will be attempting to get through to email servers during the next two months. Ultimately, if the spam does get through to your inbox, it will be up to you to make the decision whether or not the email is real or fake. Unfortunately, making the wrong decision could result in a disappointing holiday season.