As holidays approach, US-CERT reminds users to stay aware of holiday scams and cyber campaigns, which may include:
- Unsolicited shipping notifications that may actually be scams by attackers to solicit personal information (phishing scams).
- Electronic greeting cards that may contain malicious software (malware).
- Requests for charitable contributions that may be phishing scams or solicitations from sources that are not real charities.
- False advertisements for holiday accommodations or timeshares.
US-CERT encourages users and administrators to use caution when reviewing unsolicited messages. Suggested preventative measures to protect against phishing scams and malware campaigns include:
- Do not click web links in untrusted email messages.
- Use caution when opening email attachments.