The following is a guest post from HEROIC Cybersecurity.

Only a few weeks away, the holiday spending frenzy is quickly approaching. According to the National Retail Federation, over 56% of American consumers will shop online for the holidays. Adobe predicts Americans will spend over $91 billion this year – an increase of 11% from 2015.

Even though it’s the biggest sales season for online retailers, it’s also the best season for cyber criminals to take advantage of easy online victims.

Internet security company Enigma Software reports that malware infections in the month before Christmas have increased steadily for the past two years and will continue to do so this year. Comparing data from 2014 and 2015, the company reports an increase of holiday malware infections as high as 175% in some parts of the United States in the weeks before Christmas.

Why Take Caution When Searching For Deals

According to Adobe’s recent report, nearly 40% of this year’s buyers prefer email as the best source of communication from retailers for holiday deals. Display advertising (29%) and social media (14%) were consumers top picks in finding the best deals this year.

heroic_email_scam_hmWhat’s particularly alarming about this year’s consumer choice in communication is that email has been cyber criminals’ playground over the past few years. Cyber criminals have taken advantage of consumers and their reliance on email. Look-alike and fake emails from retailers are the favored approach of malware and virus providers. They hope that you fall victim to one of their emails so that they can either steal both personal and banking information or lock up your device with a ransomware demand.

Fake email offers (as shown right) can take on many different forms. They can pop up in inboxes as one-time specials, discount offers, bargain holiday buys or even as “difficulties fulfilling your order” look-alikes.

Some cyber criminals have become so skilled at designing fake emails, at times it’s nearly impossible to differentiate what’s legitimate and what’s not. However, simply hovering over links (without clicking) will often display the true intentions of the offer found within the email.

Another popular scam cyber criminals deploy during the holiday season involves using fake or hijacked social media accounts. They’ll populate social networks like Facebook and Twitter with holiday deals that really are links for malware and viruses.

How to Protect Yourself

Being aware of where cyber threats can come from and understanding that the number of them will greatly increase over the next few weeks is only half of the battle. Following standard email and device security practices is the other half in the ongoing battle with cyber criminals.

Implement the following email and device security practices in your household this holiday season:

  • If it looks too good to be true, it is. Never click on a suspicious email link from a retailer – especially if you’ve never heard of the website. Simply delete the email immediately.  If it’s from a retailer you know or have shopped with, go to their website directly to find the sales price.
  • Never click on a link in any suspicious message you receive through a social network like Facebook and Twitter. Take caution with all links that show up in your social feeds – even links from friends.
  • If you visit a website that asks you to install software in order to purchase things from them at bargain prices, leave the site immediately.
  • Shop on websites belonging to reliable retailers. Prices might be a little higher, but shaving off a few bucks is never worth the added security risk.
  • Make sure your device’s software is up-to-date (including apps, operating system and other programs).
  • Install reliable anti-malware software onto your devices.
  • Do not share personal information. Be aware of what information is being collected for your holiday transactions. If at any point things become suspicious, cancel the transaction.
  • Use safe payment options for your transactions. Never send cash through a money-wiring service.

These basic security practices seem very simple – and they are – but they are also extremely necessary. Implementing them before the holiday season is very important, but they should become standard practices throughout the entire year. By doing so, you and your loved ones will be able to enjoy a secure holiday season and new year.


Don’t become a victim during the frenzy of gift buying. Slow down, be cautious and protect yourself.


Editor’s Note: This blog article was written by an outside contributor – a guest blogger – for the purpose of offering a wider variety of content for our readers. However, the opinions and recommendations expressed in this guest blog are solely those of the contributor, and do not necessarily reflect those of The Security Awareness Company, LLC. If you are interested in writing something for us, please do not hesitate to contact us:

Wyatt Semanek for HEROIC

PR Manager at HEROIC Cybersecurity
HEROIC began out of frustration with current cybersecurity solutions and products for home users. Although enterprise-level solutions have matured over the last decade, solutions for individuals and families are still completely lacking and insufficient to fully protect against the growing number of cyber attacks threatening our technology.

With an extensive background in cybersecurity and technology, the founders of HEROIC are committed to providing the market with the world’s only holistic, next-generation cybersecurity platform for everyday home users.

Latest posts by Wyatt Semanek for HEROIC (see all)