Like many other popular holidays around the world, Valentine’s Day is beloved by millions of people and is widely celebrated. Unfortunately, holidays like this have become a magnet for cybercriminals, as people look to buy gifts, book experiences, and do something special for their significant other.
Due to the popularity of Valentine’s Day, certain things can become incredibly scarce. Dinner reservations, jewellery, flowers, and more are booked up and bought out quickly, leading to many people getting desperate, especially as the day grows closer.
Cybercriminals know this and use this to their advantage, crafting increasingly devious and intelligent phishing scams to separate consumers from their money.
In this article, we are going to cover the 3 most popular phishing scams that are often seen around Valentine’s Day, as well as the best ways to avoid them. Avoiding these scams can save you time, money, and a lot of embarrassment on the big day!
1. Phishing scams for services or products
Around Valentine’s Day, certain products and services become incredibly popular. For example, a couple might be looking to buy some jewellery for each other from a popular high street brand.
This brand will undoubtedly be sending out a load of marketing material via email to convince people to buy from them over their competitors. Unfortunately, due to this increase in email marketing, the door is opened for cybercriminals.
A phishing email will seem as if it has been sent by the brand in question. It will contain a lot of the same visual assets and the text may have been lifted directly from a legitimate email. However, all the links in the email will have been replaced with ones that link to fraudulent web addresses that have been designed to harvest and misuse your data.
Check the sending email closely if you are considering clicking any links in the email. The sender’s email/name will be close to the legitimate one but will have some differences, which are obvious if closely inspected. If the email differs from the legitimate source, do not click any links and immediately delete it.
If you are suspicious, it’s always better to be safe than sorry. If the content doesn’t look right or the wording is awkward, delete the email and move on.
2. Order confirmation or receipt phishing emails
A new kind of phishing scam involves sending fraudulent order confirmation emails. These are often easy to spot as if you haven’t placed an order with the company, it’s simple to know that the email is fraudulent.
If you receive an order confirmation or receipt for an order you didn’t place, delete the email and mark the sender as spam.
Unfortunately, these scams work by targeting the small percentage of people who have placed an order with the company they are impersonating.
If you receive a confirmation or receipt, there are a few ways that you can check if it is fraudulent:
- Does the email have an attachment? If so, don’t open it right away. Check the file extension first to see if it has a non-standard extension, such as .zip, or if the extension ends in “m”. Either of these will likely contain malicious code that will infect your computer.
- Is the sender’s email correct? As with our first point, check the sender’s email closely against previously received, legitimate emails.
- Did you order something recently? Often, order confirmations will come through within a matter of minutes from businesses. If it’s been several days or even weeks since your order, it’s probably fraudulent.
- If you are unsure, don’t click any links or open any attachments. Instead, go to the official website of the business in question and log in to your account there to check your order status.
3. Phishing emails asking you to confirm your details
The final kind of phishing emails that are common around holidays, including Valentine’s Day, are emails asking you to provide confidential data.
Emails of this kind can include requests to confirm order details, password or account resets, or even more outlandish requests.
If you ever receive an email out of the blue from a business asking you to provide confidential information, be suspicious. Legitimate businesses will never ask you to provide data such as your account username and password. They won’t ask you for sensitive personal information either unless previously discussed and agreed upon as part of a service they provide.
Never provide account login information. This is an attempt by the scammer to access your account. Similarly, if you receive a password reset request that you didn’t ask for, never click any links in the email.
Unfortunately, email phishing scams do become more prevalent around major holidays such as Valentine’s Day. It’s important as a consumer to protect yourself and be aware of the techniques that cybercriminals utilise.
If you are concerned about how your business deals with email phishing scams or would like to improve your email cyber security, get in touch with us. Our cyber security experts will be happy to walk you through how Wizard Cyber can help, as well as answer any questions you might have.
