CERT mailing list archives

Current Activity - Holiday Season Phishing Scams and Malware Campaigns

From: Current Activity <us-cert () us-cert gov>
Date: Fri, 2 Dec 2011 13:43:29 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

Holiday Season Phishing Scams and Malware Campaigns

Original release date: December 2, 2011 at 1:23 pm
Last revised: December 2, 2011 at 1:23 pm


As the winter holidays are quickly approaching, US-CERT is
republishing this entry to increase awareness.

In the past, US-CERT has received reports of an increased number of
phishing scams and malware campaigns that take advantage of the winter
holidays and holiday shopping season. US-CERT reminds users to remain
cautious when receiving unsolicited email messages that could be part
of a potential phishing scam or malware campaign.

These phishing scams and malware campaigns may include but are not
limited to the following:
  * electronic greeting cards that may contain malware
  * requests for charitable contributions that may be phishing scams
    and may originate from illegitimate sources claiming to be
    charities
  * screensavers or other forms of media that may contain malware
  * credit card applications that may be phishing scams or identity
    theft attempts
  * online shopping advertisements that may be phishing scams or
    identity theft attempts from bogus retailers

US-CERT encourages users and administrators to use caution when
encountering these types of email messages and take the following
preventative measures to protect themselves from phishing scams and
malware campaigns:
  * Do not follow unsolicited web links in email messages.
  * Use caution when opening email attachments. Refer to the Using
    Caution with Email Attachments Cyber Security Tip for more
    information on safely handling email attachments.
  * Maintain up-to-date antivirus software.
  * Review the Federal Trade Commission's Charity Checklist.
  * Verify charity authenticity through a trusted contact number.
    Trusted contact information can be found on the Better Business
    Bureau National Charity Report Index.
  * Refer to the Recognizing and Avoiding Email Scams (pdf) document
    for more information on avoiding email scams.
  * Refer to the Avoiding Social Engineering and Phishing Attacks
    Cyber Security Tip for more information on social engineering
    attacks.
  * Refer to the Shopping Safely Online Cyber Security Tip for more
    information on online shopping safety.

Relevant Url(s):
<http://www.us-cert.gov/cas/tips/ST04-014.html>

<http://www.us-cert.gov/reading_room/emailscams_0905.pdf>

<http://www.ftc.gov/bcp/edu/pubs/consumer/telemarketing/tel01.shtm>

<http://www.us-cert.gov/cas/tips/ST07-001.html>

<http://charityreports.bbb.org/public/All.aspx?bureauID=9999>

<http://www.us-cert.gov/cas/tips/ST04-010.html>

====
This entry is available at
http://www.us-cert.gov/current/index.html#holiday_season_phishing_scams_and

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBTtkcRj/GkGVXE7GMAQI7LQf+Pvjrt4zh261D4DtWti/vr+E9i80MbM+l
R9iKORvL84S4pJMTbkQ1aow9PA5bwlvby7J/Zm1vZ9zZz9RQuv8qrkSPUukizGq0
766sDppSG3M68WkOP1AZJCZAXu5L/4iYlDi8GlN84JIm8xiWQ8FST+TXsTJj10zu
JNAQYxf8oTwOF7+IMTn4DLY3zQ0blWuiavypepPuB5BoBSkxmRYP53uV884sd/Lb
o0cGdlmDPNKzRnHW+Dd38GsqSE0xDS18uUZ7Z9S+TV7XTphcbmqcH5IRyyKgtXHo
ei8u7pa0gaIzhOJTSMyDMZt5K6OvA16+Zpv3I8jbJNqH5mDPbXBwyQ==
=mqxe
-----END PGP SIGNATURE-----
Current thread:

Current Activity - Holiday Season Phishing Scams and Malware Campaigns Current Activity (Dec 02)