Easter Holiday Phishing Scams and Malware Campaigns

As the Easter holiday approaches, US-CERT reminds users to stay aware of holiday scams and cyber campaigns, which may include:

• unsolicited shipping notifications that may actually be scams by attackers to solicit personal information (phishing scams),
• electronic greeting cards that may contain malicious software (malware),
• requests for charitable contributions that may be phishing scams or solicitations from sources that are not real charities, and
• false advertisements for holiday accommodations or timeshares.

US-CERT encourages users and administrators to use caution when reviewing unsolicited messages. Suggested preventive measures to protect against phishing scams and malware campaigns include:

• Do not click web links in untrusted email messages.
• Refer to the Shopping Safely Online Tip.
• Use caution when opening email attachments. Check out the Using Caution with Email Attachments Tip for more information on safely handling email attachments.
• Review the Federal Trade Commission's page on Charity Scams. Use the links there to verify a charity’s authenticity before you donate.
• Read the Avoiding Social Engineering and Phishing Attacks Tip.
• Refer to the Holiday Traveling with Personal Internet-Enabled Devices Tip for more information on protecting personal mobile devices.