Protect Yourself from Phishing During the Holidays

At the holidays, inboxes everywhere are flooded with shipping updates, order confirmations, and eCards from family and friends. Attackers take advantage of the deluge of emails by sending creative phishing emails designed to catch you off guard. From fake charity websites to malicious eCards, cyber attacks spike during the holiday season.


Shipping Updates: Fake shipping notifications increase each year around the holidays. With so many online orders being shipped, people may be more susceptible to clicking a link about a status update or a failed delivery. Even if the message looks valid, go to the store/company website directly and enter the tracking number yourself. Call the shipping company for assistance using the contact information on their website.

Fake Order Confirmations: Attackers also take advantage of the increase in year-end online shopping on the most popular shopping days of the year — Black Friday and Cyber Monday. During this hectic time, you may be more likely to click an order confirmation link from your favorite store/company without questioning it. Keep track of your orders so you know what emails to expect and which to avoid.

Holiday eCards: Another popular lure that attackers use is sending fake eCards with malicious files attached. Although a cute eCard may look innocent, never click on a link from an unknown sender.

Charity Phishing Scams: Phishers often impersonate charities and send emails asking for year-end donations. Before entering your personal information and making a donation, ensure that the site is legitimate and that you recognize the domain. Also, ensure that the URL, shows as “https://”, indicating that the connection is secure.

Unsolicited Offers and Deals: Around the holidays, your inboxes are probably overflowing with messages about irresistible deals and promotions. Attackers often people target people with end-of-the-year giveaways and contests. Don’t click on any offers from an unknown sender. Instead, verify that the offer is legitimate by going to the retailer’s website and shopping there directly. Remember — if it seems too good to be true, it probably is.

Quick Tips — Keep these tips in mind to help you identify phishing emails in your inboxes:

  • Think Twice. Read emails thoroughly and be wary of offers that seem to good to be true.
  • Bookmark Shopping Sites. Avoid using search engines to find deals. Using trusted shopping sites can help reduce the chance of landing on a malicious website.
  • Look At the Domain Name. Some attackers will modify domains to catch you off guard. For example, if the correct domain is, the phishers may register as “” or “”.
  • Always Verify. Verify that the email is from the real sender before engaging. If you have any questions, call, or email the sender to confirm that the email is legitimate.

DID YOU KNOW?  You can safely check where a link goes without clicking on it:

  • Desktop — OSx and Windows — Hover your cursor over the link to view the URL.
  • Mobile devices — Android, iOS, Windows — Touch and hold the link until a pop-up menu appears.

Now, get to it . . .

This Blog is made available by me, an attorney licensed to practice law in the State of Connecticut. I am not a recruiter, hiring manager, or career agent. Nor am I an expert in any of the areas or issues related to job search activities. I am merely sharing my job search experiences with you. This Blog/Web Site is designed to provide accurate information on the subjects presented but should not be considered professional or legal advice.

Leave a Reply

Your email address will not be published. Required fields are marked *