Cyber threats are especially prevalent during the holiday season. Hackers know that most organizations operate on a skeleton crew during this time of the year. A 2021 report noted that major ransomware attacks “tend to occur on weekends and holidays when fewer staff are around to detect and respond to them.”
During this holiday season, it's important to remain vigilant. Here are tactics to be specifically aware of:
MFA fatigue
Multi-factor authentication (MFA) has become so common that many individuals respond to authentication requests almost instinctively, without taking the time to confirm that a request is genuine. Imaginative hackers are capitalizing on this trend.
After stealing login credentials or buying them off the dark web, attackers are performing a form of social engineering to get around the protections of MFA. Here's how it works: The attacker repeatedly attempts to log in to a corporate network. This causes the targeted individual to receive a seemingly endless stream of requests to allow access on their mobile device. Ultimately, the targeted individual gets irritated and accidentally clicks the "Approve" button or simply accepts the MFA request to stop the continuous notifications.
This type of technique has proven very successful for threat actors this year. If you suspect you are a victim of this type of attack, changing your account password will prevent the attacker from generating further MFA push notifications.
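One way a security team can spot the push-notification pattern described above in authentication logs, shown as an added example that is not part of the original article. The log format, the threshold of four prompts in five minutes, and the function names are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: timestamp, user, outcome of the push prompt.
SAMPLE_LOG = """\
2022-12-24T02:14:05 alice denied
2022-12-24T02:14:40 alice timeout
2022-12-24T02:15:10 alice denied
2022-12-24T02:15:55 alice timeout
2022-12-24T02:16:30 alice approved
2022-12-24T09:00:00 bob approved
2022-12-24T13:00:00 bob denied
2022-12-24T17:30:00 bob approved
"""

def parse(log):
    """Yield (timestamp, user, result) for each non-empty log line."""
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, user, result = line.split()
        yield datetime.fromisoformat(ts), user, result

def find_push_bursts(log, threshold=4, window=timedelta(minutes=5)):
    """Alert when a user receives `threshold` or more push prompts inside
    `window` (assumed values; tune to your environment). An approval that
    lands inside a burst is critical: it may be the accidental approve."""
    recent = defaultdict(deque)  # user -> prompt timestamps still in window
    alerts = []
    for ts, user, result in sorted(parse(log)):
        q = recent[user]
        q.append(ts)
        while ts - q[0] > window:  # drop prompts older than the window
            q.popleft()
        if len(q) >= threshold:
            severity = "critical" if result == "approved" else "warning"
            alerts.append((user, ts.isoformat(), len(q), severity))
    return alerts

if __name__ == "__main__":
    for alert in find_push_bursts(SAMPLE_LOG):
        print(alert)
```

A critical alert is the point at which to revoke the session and reset the password, as recommended above; bob's three prompts spread across the day never trip the threshold.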
Phishing emails and fraudulent websites
A surge of fraudulent websites tends to appear during the holidays. The goal is to entice a victim to the site to harvest credentials or credit card information, or possibly to install malware. In the second quarter of 2022, the shipping company DHL was the third-most impersonated brand in phishing emails, according to Check Point. FedEx, UPS, and other retailers have warned of similar fraudulent websites, which typically increase in frequency during the holiday season.
With this attack vector, an attacker warns the recipient of a supposed problem in delivering a package, directing the recipient to click on a malicious link where they are required to enter login or credit card information. Phishing emails — including those sent to personal email accounts but accessed on work devices — may also be used to plant malware on corporate systems. This tactic increases around major shopping days, such as Boxing Day and Black Friday, to achieve the same goals.
Conrad Bell is SVP & Chief Information Security Officer at C Spire.