As the holiday season draws near, an increasing number of people will be doing their shopping in cyber space with their gifts arriving through the mail delivery services. The MS-ISAC reminds users to be alert and is providing the following information to help you stay safe.
Phishing emails, intended to trick individuals by luring them to websites where they enter credit card and other confidential information, continue to be lucrative for cyber criminals around the world. According to the company RSA, for the first half of 2012, estimated worldwide losses from phishing attacks alone amounted to more than $687 million. Attack numbers averaged 32,581 per month - a 19 percent jump compared to the second half of 2011. (Source: http://blogs.rsa.com/rsafarl/phishing-in-season-a-look-at-online-fraud-in-2012/)
Phishing attacks also solicit personal information by posing as trustworthy organizations in specially crafted emails or websites. They tend to proliferate after major events that lead to increased charitable contributions (e.g., hurricanes, floods), and cyclical events (like presidential elections, holidays or tax day).
The United States Postal Service (USPS) is warning consumers to be cautious "of fake emails seemingly coming from the [USPS], telling you that they have failed to deliver one of your packages on time." (http://www.net-security.org/malware_news.php?id=2310)
Additionally, during the holidays, consumers should be on the alert for phishing emails reportedly coming not only from the USPS but also from UPS, FedEx and other delivery services. The phishing emails may:
To avoid becoming a victim, the MS-ISAC recommends that you:
For More Information:
USPS -- Beware of Spam: Bogus E-Mails Sent to Postal Customers:
UPS -- Learn to Recognize Fraud:
FedEx -- Defending Against Fraud: