Don’t Let the Grinch Steal your Holiday Cheer: Holiday Scams to Watch Out For

Written by Lauryn Cash

The end of the year is quickly approaching, and with it comes the holiday season. Many consider this a wonderful time of year, and scammers would agree. The holidays present a perfect opportunity for bad actors to take advantage of online shoppers and of employees who are taking out-of-office (OOO) time for the holidays.

Holiday cheer can be exploited by cybercriminals and scammers looking to steal money, sensitive data, or just pull the wool over our eyes through deals that are too good to be true. As we approach the holidays, watch out for phishing attacks and brand impersonation attempts.

Below are four real-life examples of targeted threats that the Armorblox Research Team has seen in the recent past and that take advantage of the holiday season. Familiarize yourself with these types of attacks and give joy this holiday season, not your sensitive data.

Holiday Scams To Watch Out For

Smoke, Mirrors, and Sunglasses: Ray-Ban Shopping Scam

The Armorblox Research Team identified a shopping scam in which attackers impersonated Ray-Ban, a popular luxury sunglasses brand, in an attempt to sell fake branded goods. Clicking the links in the targeted email attack led end users to a fake landing page (phishing site) replete with Ray-Ban branding and seemingly counterfeit inventory for purchase at deep discounts.


Action Required, Provide your Sensitive Information before Delivery: UPS Credential Phishing Attack

The attack in the spotlight is a malicious email spoofing United Parcel Service (UPS), a well-known multinational shipping and supply chain management company. The email looked like a legitimate UPS Express notification, simply reaching out to the customer about a pending parcel delivery. Exploiting our curiosity bias, the attack attempts to steer victims to a fake UPS confirmation page where they are prompted to enter a multitude of sensitive, personally identifiable information.


Hello, Is It Me You’re Phishing For: Amazon Vishing Attacks

Over the past year, the general public has gotten so used to shopping online that Amazon orders are now made either from muscle memory or in consumerist fugue states. It's this omnipresence of online shopping receipts in our lives and inboxes that cybercriminals continue to exploit. The Armorblox Research Team identified two Amazon vishing attacks that attempted to steal victims’ credit card details by sending fake order receipts that included phone numbers to call for processing order returns.


You’ve Got A Phish Package: FedEx and DHL Express Phishing Attacks

Take a deeper look into two email attacks that the Armorblox Research Team identified: one impersonating a FedEx online document share, and the other pretending to share shipping details from DHL Express. Both attacks aimed to extract victims’ work email account credentials, with phishing pages hosted on free services to trick security technologies and users into thinking the links were legitimate.
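The four attacks above share two tells a defender can check mechanically: a display name or subject that claims a brand the sender's domain does not belong to, and links pointing at free hosting services rather than the brand's own domain. The Python triage script below is an added example written for this page; it is not Armorblox's code or detection logic. The brand-to-domain allowlist, the free-hosting list and the two sample messages are constructed for illustration only.

```python
"""Heuristic triage for brand-impersonation emails (added example, not Armorblox code)."""
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed allowlist of legitimate sender domains per brand (hypothetical, not authoritative).
BRAND_DOMAINS = {
    "ups": {"ups.com"},
    "fedex": {"fedex.com"},
    "dhl": {"dhl.com"},
    "amazon": {"amazon.com"},
    "ray-ban": {"ray-ban.com"},
}

# Assumed free hosting/form services that have been abused to host phishing pages (constructed list).
FREE_HOSTS = {"sites.google.com", "forms.office.com", "weebly.com", "wixsite.com", "github.io"}

URL_RE = re.compile(r"https?://[^\s<>\"')]+")


def _under(host, domains):
    """True if host equals one of domains or is a subdomain of one."""
    host = host.lower()
    return any(host == d or host.endswith("." + d) for d in domains)


def claimed_brands(text):
    """Brands named as whole words in the display name or subject."""
    low = text.lower()
    return {b for b in BRAND_DOMAINS if re.search(rf"\b{re.escape(b)}\b", low)}


def triage(raw_message):
    """Parse an RFC 822 message and return the impersonation indicators found."""
    msg = message_from_string(raw_message, policy=policy.default)
    name, addr = parseaddr(msg.get("From", ""))
    sender_dom = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    brands = claimed_brands(f"{name} {msg.get('Subject', '')}")

    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body else ""
    findings = []

    # Tell 1: the message claims a brand but is not sent from that brand's domain.
    for b in sorted(brands):
        if not _under(sender_dom, BRAND_DOMAINS[b]):
            findings.append(f"claims {b} but sender domain is {sender_dom or 'missing'}")

    # Tell 2: links go to free hosting, or to a lookalike host that merely contains the brand name.
    for url in URL_RE.findall(text):
        host = (urlparse(url).hostname or "").lower()
        if _under(host, FREE_HOSTS):
            findings.append(f"link hosted on free service: {host}")
        for b in sorted(brands):
            if b.replace("-", "") in host.replace("-", "") and not _under(host, BRAND_DOMAINS[b]):
                findings.append(f"lookalike link host for {b}: {host}")

    return {
        "sender_domain": sender_dom,
        "brands": sorted(brands),
        "findings": findings,
        "suspicious": bool(findings),
    }


# Constructed sample messages (no real addresses or hosts).
SAMPLE_PHISH = """From: FedEx Document Share <docs@delivery-notice.example>
Subject: FedEx: a document has been shared with you
Content-Type: text/plain

A shipping document is waiting. Sign in with your work email to view it:
https://fedex-docs.weebly.com/login
"""

SAMPLE_LEGIT = """From: UPS <noreply@ups.com>
Subject: Your UPS package is on its way
Content-Type: text/plain

Track your parcel at https://www.ups.com/track?id=PLACEHOLDER
"""

if __name__ == "__main__":
    for label, sample in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        result = triage(sample)
        print(label, "suspicious" if result["suspicious"] else "clean", result["findings"])
```

Run on the constructed samples, the FedEx-themed message is flagged three times (brand claim versus sender domain, free-hosting link, lookalike link host) while the UPS message from `ups.com` produces no findings. Heuristics like these are a first-pass filter only; the allowlist has to be maintained, and a message that passes both checks can still be malicious.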


Consider This Before Writing Your OOO Message

The holiday season can mean many things to different people, but it is one that brings friends and loved ones together across multiple gatherings. Before taking some quality time away from business meetings and endless Slack messages, thousands of star employees are configuring out-of-office messages. Unfortunately, these messages also provide helpful information to bad actors who are targeting your organization. Before heading into the holidays, review the three reasons why out-of-office messages can do more harm than good.

It is best to implement alternative ways to signal your absence so that you do not put your company at risk. Help your teams and clients operate smoothly in your absence, without needing to set an OOO message, with tips and tricks from Armorblox.

Armorblox Tips and Tricks to Forgo OOO Messages:

  • Communicate and pass along necessary details directly with your manager and let internal teams know the dates you will be out of office via a calendar hold or direct email.
  • Update your Slack or Teams status to out-of-office, using the custom status option for additional details if necessary.
  • If you have external parties who you communicate with frequently, share the exciting details of your travels directly and remind them of the return date during prior conversations.
  • For ongoing projects that may need support, make introductions of individuals that will assist while you are away.
  • Encourage colleagues to utilize the company directory for updated contact information for you or contributing individuals they may need to reach while you are away. This prevents the need to include contact information in automated OOO messages and protects sensitive information from getting in the hands of attackers.

Why Do We Still Fall for Phishing Attempts?

Why do we still fall for phishing attacks after all those security trainings and awareness sessions? Because these attacks target your brain more than they do any security system. Security training teaches end users to allocate attention before each action, with methodical intention (System 2 thinking), where each step is considered and taken with caution before continuing. However, when doing something we have done 100 times over, we tend to go through the motions without much thought, operating quickly and taking automatic actions based on past behavior (System 1 thinking). When end users are going through their busy days and full inboxes, they are doing so with System 1 thinking. This is why end users are more likely to fall for phishing attacks in real life, once you remove the training guardrails and meticulous attention before every action is no longer demanded.

Bad actors know that end users are likely scanning emails quickly prior to taking an action, especially when trying to get that overcrowded inbox down to zero in time for family dinner. Scammers have figured out how to exploit this and several cognitive biases that we share across targeted email attacks:

  • Halo Effect - The bias that comes with having a positive impression of a person, brand, or product. This is why bad actors love to impersonate trusted people and brands.
  • Hyperbolic Discounting - The bias to choose a reward that gives immediate gratification.
  • Curiosity Effect - Our innate desire to resolve uncertainty.
  • Recency Effect - Our natural tendency to remember and act on recent, time-sensitive events.
  • Authority Bias - People’s willingness to defer to the opinions of others or authority figures. This is one of the main reasons bad actors choose to impersonate executives.

Keep these in mind when scanning your inbox this holiday season… and always. To learn more, check out our full webinar on the Science of Phishing.

Protect Your Organization this Holiday Season with Armorblox

Armorblox works seamlessly in the background, examining the context and content of email communications to protect your end-users against attacks. Eliminate the guesswork of email security and keep sensitive data out of the wrong hands, so both you and your company are protected.
