Cofense - Security Awareness Training & Email Threat Detection

Keeping Santa’s Helpers Out of Your Inbox

Share This Article

As with everything else this year, the holiday shopping season will be open to more cyber threats as we shift from hitting the brick-and-mortar retail outlets to the online store front. Threat actors have your wallet and credentials on their shopping list. When it comes to preparing your users, friends and family for the holiday shopping season, we’ll cover some basics to remind everyone to remain calm and protect their wallets and credentials.

Email Security - Importance of Employee Training - Cofense Illustration

Gift Cards

The ease of sending gift cards makes these a top purchase. While retailers have made it easier to purchase online and send electronically, threat actors too are leveraging this in their gift bag.

RISKY Behavior: Clicking on a link in an email without verifying the link or the sender.

SAFE Behavior: Hover over the link to see where you are being directed. Reach out to the sender directly via a separate email or text message. Many retailers will include the claim code in the message body. Navigate directly to the website to locate the Gift Card redemption page. Manually enter the claim code.

Email Security - Threat Intelligence - Cofense Illustration

Shopping Sites

As the pandemic of 2020 began, we shifted our purchasing to online. We’ve become accustomed to navigating the online shopping world, making holiday shopping season shopping easier.

RISKY Behavior: Click a link via an email or an ad via another website.

SAFE Behavior: Navigate directly to the website for your product selection. While retailers and online banking sites proactively hunt for spoofed websites mimicking their brand, it’s a cat-and-mouse battle to find these. Ensure you are on a site that’s using encryption by verifying the lock in the address bar (URL). If the page allows you to use a secure payment method, such as PayPal, ApplePay or GooglePay, use these options to add a layer of protection to your bank account.

Email Security - Incident Response - Cofense Illustration


Expecting a package? Maybe you’re not expecting a package, but suddenly you have an email informing you that a special gift is on its way to your doorstep. It’s not uncommon for threat actors to spoof the popular brand, such as the phishing email sample seen below.

RISKY Behavior: Clicking the link in an unexpected email.

SAFE Behavior: Navigate directly to the website of the shipping company to get a shipping status. As with gift cards, manually enter the tracking code directly into the website’s tracking feature.

Phishing Emails - Anatomy and Characteristics - Cofense Infographic

Person holding smartphone with Cofense logo displayed on screen

Charitable Giving

Tis the season to catch up on charitable giving to make the tax benefit cut-off for end-of-year donations. Threat actors follow the newsworthy events and leverage the theme to tug at your heart strings.  

RISKY Behavior: Click on a link and providing your credit card information.

SAFE Behavior: Navigate directly to the charitable website and locate the donation giving page. Ensure you are on a site that is using encryption by verifying the lock in the address bar (URL). If the page allows you to use a secure payment method, such as PayPal, ApplePay or GooglePay, use these options to add a layer of protection to your bank account. If you receive a phone call asking for your donation for a worthy cause that you support, take down the name and inform the caller you’ll follow up at a later time. At that point, follow the same steps to navigate directly to the charitable website.

Enjoy a safe and cyber-secure holiday! Remember that Cofense is always here to help. Check out our phishing resource center for best practices and product information to fight phishing.

All third-party trademarks referenced by Cofense whether in logo form, name form or product form, or otherwise, remain the property of their respective holders, and use of these trademarks in no way indicates any relationship between Cofense and the holders of the trademarks. Any observations contained in this blog regarding circumvention of end point protections are based on observations at a point in time based on a specific set of system configurations. Subsequent updates or different configurations may be effective at stopping these or similar threats.
The Cofense® and PhishMe® names and logos, as well as any other Cofense product or service names or logos displayed on this blog are registered trademarks or trademarks of Cofense Inc.


We use our own and third-party cookies to enhance your experience by showing you relevant content, personalizing our communications with you, and remembering your preferences when you visit our website. We also use them to improve the overall performance of our site. You can learn more about the cookies and similar technology we use by viewing our privacy policy. By clicking ‘Accept,’ you acknowledge and consent to our use of all cookies on our website.