As holidays approach, US-CERT reminds users to stay aware of holiday scams and cyber campaigns, which may include:

  • Unsolicited shipping notifications that may actually be scams by attackers to solicit personal information (phishing scams).
  • Electronic greeting cards that may contain malicious software (malware).
  • Requests for charitable contributions that may be phishing scams or solicitations from sources that are not real charities.
  • False advertisements for holiday accommodations or timeshares.

US-CERT encourages users and administrators to use caution when reviewing unsolicited messages. Suggested preventative measures to protect against phishing scams and malware campaigns include:

  • Do not click web links in untrusted email messages.
  • Use caution when opening email attachments.