SPAM. It’s here to stay and you’ll be getting more if it than you can handle thanks to the holiday season.

That’s right. While you’re sipping on peppermint mochas, cyber criminals are hard at work crafting fraudulent imitation emails that look like they’re from reputable companies such as Amazon, UPS, USPS, PayPal, your bank, etc.

They’ll use urgent headlines to scare you into opening and clicking on their links too: “USPS Delivery Failed” “Thanks for your order””We noticed unusual activity in your account.”

These cyber criminals are hoping you open their email so they can steal your money!

Phishing accounts for 90% of data breaches

What will you be doing with all your extra email spam / phishing attacks?

Hopefully you’ll be avoiding them like the plague.

Even better, hopefully you’re using a reputable email filter (such as Proofpoint) that catches spam emails before they make their debut in your inbox.

If you’re not, you need to be extra careful when checking your emails because cyber criminals are crafting emails so carefully, they’re still able to fool tech savvy people!

We’re taking a close look at some popular variations of spam and reminding you not to click on any links, no matter how credible and urgent these emails appear. Also we’re showing you some facts you simply can’t ignore.

Phishing Facts of 2019

  • The average financial cost of a data breach is $3.86m (IBM)
  • Phishing accounts for 90% of data breaches
  • 15% of people successfully phished will be targeted at least one more time within the year
  • BEC scams accounted for over $12 billion in losses (FBI)
  • Phishing attempts have grown 65% in the last year
  • Around 1.5m new phishing sites are created each month (Webroot)
  • 76% of businesses reported being a victim of a phishing attack in the last year
  • 30% of phishing messages get opened by targeted users (Verizon)
email spam
The holiday season especially tends to get an increase of spam since everyone is ordering gifts online.

EXAMPLE 1 “USPS Delivery Failed” phishing email

USPS Delivery Failed email

Cybercriminals are posing as the U.S. Postal Service targeting consumers with phishing emails claiming packages are undeliverable. Next, potential victims, click on the fake tracking numbers that can download malicious software to their computers.

This malicious software could possibly include ransomware, which will freeze your computer, making it useless until a large sum of money is paid to the cybercriminal. Another possible malicious software can be spyware, which tracks all your computer activity including stealing your personal and financial information.

Be on the lookout for suspicious looking emails disguised as reputable delivery companies such as FEDEX, USPS, DHL, UPS, etc.

These email may appear to look very authentic, including company logos, fake tracking numbers, or even bar codes.

Subject line example: “USPS Deliver Failed for parcel #59838769273762876″

Dear [EMAIL], hereby we notify you that your delivery tracking #650087 has FAILED to be delivered at the destination address. To claim your package or initiate a new delivery attempt please use the attached document.

Feel free to contact us with any further questions.

Call us
Call 1-800-ASK-USPS® (800-275-8777)
M-F – 8:00am-8:30pm ET
Sat – 8:00am-6:00pm ET
Sun/Holidays* – Closed

EXAMPLE 2 “Fake Amazon Order Confirmation” phishing email

amazon phish

Shopping online? Many cybercriminals are also creating phony online order confirmation emails claiming to be from big retailers like Target, Wal-Mart, Costco, Home Depot, Amazon, etc. They may also include logos from the companies and appear realistic.

You may receive phishing emails disguised as a major retailer with a subject line such as:

  • “Thank you for your order”
  • “Order Confirmation”
  • “Thank you for ordering from [company name]”
  • “Order Status”

EXAMPLE 3 “Paypal Unusual Activity” phishing email

Sure, with all the online shopping you’ve been doing, perhaps you used PayPal. However, when hovering over the link, you’ll see it’s not going to PayPal. Don’t click! “Urgent” Emails such as this one rely on you to take immediate action, therefore you’re less likely to take your time and closely examine the email.

paypal scam

Therefore, if you happen to receive a spam message similar to the examples above, it’s strongly recommended that you:

  • Do NOT download or open any attached files.
  • Do NOT click on any links
  • Delete the email immediately.

Our recommendation for email security:

Proofpoint Essentials – The #1 Cloud based email security solution. This Filters your emails in the cloud before they enter your network!

Email threats are constantly evolving. Are your defenses?

Proofpoint Advanced Email Security is a complete solution for email threats and continuity. No other email defense protects you against a broader range of advanced email threats, such as holiday spam mentioned here.

Email Phishing Facts Source: https://retruster.com/blog/2019-phishing-and-email-fraud-statistics.html