Data443 & Cyren
Products
- - - Products
    - For OEMs
    - Malware Detection
    - Malware Analysis
    - URL Categorization
    - Email Security
    - Threat Intelligence
    - For Enterprises
    - Malware Analysis
    - Inbox Security for Office 365
    - Threat Intelligence
  - - In the News
      
      Online Businesses Become a Phisher’s Playground
      Not nearly enough businesses have deployed sufficient security measures against phishing attacks through website builders and CMS platforms.Read Article on DarkReading >
      
      Go to Newsroom >
Solutions
- - - Expert Support
      
      Cyren’s dedicated security analysts have the expertise to deeply investigate sophisticated threats – their embedded documents and messy code.
      
      And from their vantage point across companies, geographies, and industries, analysts can track emerging attack vectors and prevent breaches.
      
      “For any false positive or user reported items, we do not need to be involved. Cyren’s dedicated team is on top of all these items.”
      
      via Gartner Peer Insights
Resources
- - - Recent Posts
      - Analyzing behavior to protect against BEC attacks December 22, 2022
      - Using NLP techniques to protect against BEC attacks December 8, 2022
      - Phishing with QR codes December 1, 2022
Company
- - - Company
    - About Cyren
    - Careers
    - Management
    - In the News
    - Contact Us
  - - In the News
      
      Online Businesses Become a Phisher’s Playground
      Not nearly enough businesses have deployed sufficient security measures against phishing attacks through website builders and CMS platforms.Read Article on DarkReading >
      
      Go to Newsroom >
BOOK A DEMO

Select Page

Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

Black Friday/Cyber Monday Alert: 5 Shopping Scams That Could Seriously Affect Your Business

The last thing any company needs during the holiday season is the gift of ransomware on its IT systems. During this week’s build-up to Black Friday, Cyber Monday, and the actual holidays (remember those?), everyone is going to spend some time doing a little shopping while on a company device or network, especially if it means scoring a bargain.

And cybercriminals are after their own form of “bargain,” using the general shopping hysteria to push malware and phishing campaigns. Here are 5 common types of holiday shopping scams you should watch out for, as categorized by Cyren researchers:

Hot Gift Discount Coupons—You can be sure that hackers know the hottest holiday gift trend and will use it to entice your employees into opening an attachment that looks like a coupon for 50% off the latest smart phone, but really contains a malware downloader.

Phony Delivery & Payment Notifications—A FedEx package has arrived! Just click this link to give us your address and other details. Cybercriminals phish (or deliver malware) very effectively by mimicking extremely well the types of emails we are eagerly anticipating during the holidays.

Fake Ecommerce Websites—A link advertising deep discounts on tablets, such as “discount-iPads.us” appears in inboxes. Click on the link and an employee is taken to a website that looks like it is selling iPads — but instead is capturing personal information and credit card data.

Ransomware Holiday E-cards—Click here to get your holiday e-card! One click and your employees have begun a malware download that locks all your systems down with ransomware until you pay the several thousand dollars in ransom!

Holiday Malvertising—Criminals are posting advertising links on Facebook or Twitter or even fake ads on legitimate websites to get users to click. Win a free Xbox game console by simply registering with your personal information! Once the victim clicks, they are redirected to a website that downloads malware or attempts to grab the victim’s personal information.

Rest Easier During The Holidays

Obviously caution employees to not click on attachments or unusual links, but the fact is that some criminals have social-engineered these emails extremely well and spoofed sites to the point that they look amazingly real. To rest easier during the holidays, deploy strong cloud-based Email Security and Web Security Gateways that prevent threats from reaching users in the first place.

Want to learn more about how Cyren’s security cloud can protect your business? Contact us here!

Nov 21, 2017 | Security Research & Analysis

Categories

You might also like

Analyzing behavior to protect against BEC attacks

Business Email Compromise

Understanding “normal” behaviors in email exchanges are key to combating advanced phishing and BEC attacks by John Stevenson Detecting Business Email Compromise (BEC) In the final part of our series of blogs on Business Email Compromise (BEC), it’s time to look at how...

Using NLP techniques to protect against BEC attacks

Business Email Compromise, Office 365, Phishing

How Natural Language Programming help combat phishing and BEC attacks by John Stevenson Business Email Compromise (BEC) Business Email Compromise (BEC) covers a range of email attacks that typically share a common core attribute. There is no obvious executable...

Phishing with QR codes

Phishing, Security Research & Analysis

Don’t Scan or be Scammed By Maharlito Aquino, Kervin Alintanahin and Dexter To In 1994, a type of the matrix barcode known as the Quick Response code, now widely known as QR code, was invented by Masahiro Hara from a Japanese company Denso Wave. The purpose of the...