DUBAI 3 December 2019: This holiday season, there are increased opportunities for threat actors to conduct operations that impact both individuals and corporations.
A primary factor contributing to this escalation is the hugely increased volume of payment transactions seen across this period – both online and at retailers. This increase in transaction volume presents an opportunity for threat actors because the compromise of associated systems can be more profitable than at other times of year.
During the holiday season threat actors may perceive that some organizations are more likely to give into extortion or ransom demands in order to minimize the impact of disruptive attacks. This perception is likely borne from the fact that the cost of business disruption during the holiday season is higher to many organizations, primarily retailers and those in the hospitality industry.
Additionally, more employees take time off during the holiday season than at other times of year. This means that there is a greater opportunity for threat actor impersonate people out of the office, and in the event of a successful compromise, a limited number of security personnel could hinder the capability of entities to quickly respond to and mitigate threats.
Over the 2019 holiday season, consumers can expect email-based attacks using seasonally themed lures such as holiday greetings and promotions for major shopping events such as Black Friday.
Emotet, which was arguably the most prolific botnet of 2019, highlights this trend – over the previous holiday season the botnet distributed malicious emails using themes including Thanksgiving, Black Friday, Cyber Monday, and Christmas lures, a trend we expect to continue throughout the 2019 holiday season. The use holiday themed email lures is a common and highly effective social engineering strategy used by many threat actors to improve the effectiveness of their campaigns.
In addition to holiday-themed lures, cyber criminals will likely attempt to exploit individuals’ desire to seek out sales and coupons over the holiday shopping season by crafting email lures advertising sales or pretending to have been sent by popular brands. More other common lures used by malicious email campaigns throughout the year, such as delivery notifications, are also more likely to be successful due to the increased volume of online shopping.
Note: The author is Manager, Cybercrime Analysis at FireEye