With the holiday season and year-end upon us, the “bad guys” know that people are shopping online, expecting gifts at their home or office, and are traveling more. As a result, we tend to see many more phishing attack attempts during the holidays as “bad guys” craft clever email messages with information about flights, packages, and hotel stays.

Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a “trustworthy entity” in an email message. For example, the message may look like it is being sent by FedEx, the US Postal Service, Delta Airlines, or a vendor or supplier stating that you have “past due amounts.”

We encourage you to be especially aware of email messages from what seem like legitimate companies, even those with whom you may have done business. Many phishing attacks are camouflaged in this way, but are designed to install malware on your PC or steal personal information. An example of a malicious email is shown below. This particular attack email has an infected file attachment, but many other attacks simply have a link that the attacker would like you to click.

We encourage you to be cautious about opening any attachment or downloading files from any emails you receive, regardless of who sent them. Phishing attacks can be unknowingly spread by family members and co-workers, if their email account is compromised.

Please be extra vigilant this holiday season. DO NOT CLICK on any email that states you need to take ANY action through an email link! If you believe it is a legitimate email, please call the company that supposedly sent you the email and confirm over the phone.

We wish you all a happy and safe holiday season!