As the Diwali season approaches, the festival of lights is also casting a glow on increased cyber risks. Historically, cyber attacks spike during the holiday season, with cyber criminals taking advantage of reduced vigilance and the festive focus on celebrations, during a time for gifting and sharing. Cyber criminals leverage holiday themes in phishing attacks, disguising malicious emails as festive greetings or enticing offers designed to lure individuals into clicking harmful links. Such emails can lead to financially motivated cyber crimes or the theft of sensitive personal information. Financially motivated crimes comprised 85% of the 7,000 daily cybercrime complaints in May 2024 according to the Indian Cyber Crime Coordination Centre (I4C).
Swapna Bapat, Vice President Product Management, Palo Alto Networks says “As we approach the festive season, it is important for individuals to remain vigilant about online safety. Cyber criminals become most active at such times as most of them try to dupe people who would be distracted by the fun and excitement of celebrations. Financially motivated cyber attacks like phishing, malware or identity theft are some of the severe cyber threats that prevail during festivities in the digital world. However, many of these can be easily avoided by practicing smart online safety habits. With a bit of awareness and caution, we can enjoy the celebrations without falling victim to cyber crime.”
For a safer shopping experience, here’s Palo Alto Network’s guide to circumnavigating the digital world during the Diwali season and offers:
- Take a Moment Before You Click: Trust but verify any link before clicking on it or responding to messages about Diwali deals. Take a moment to stop and think. Scammers often create a sense of urgency to push you into quick action. By pausing and carefully checking, you can protect yourself from falling for their tricks and keep your personal information safe while you shop.
- Check for Spelling and Accuracy: Thanks to Gen AI – phishing emails seldom have spelling errors, poor grammar, or strange punctuation. Therefore, be extra vigilant in checking the sender’s email address for domain validity.
- Approach Social Media Ads with Caution: Ads you come across on platforms like Instagram and Facebook may lead to fake websites pretending to offer Diwali deals. Always verify the legitimacy of the website before making any purchases.
- Verify the Sender’s Domain: Ensure that any emails you receive come from official domains, such as addresses ending with the company’s official website. Scammers often use fake email addresses that look similar to legitimate ones to deceive shoppers and malicious websites are also used to hold on to an individual’s session tokens/login details.
- Protect Your Personal Information: Avoid sharing sensitive details like your date of birth or Aadhaar/PAN card number in response to unsolicited messages. Legitimate businesses will not request this information without a valid reason. Make sure your parents, aunts, and uncles know the dangers of sharing personal information when shopping online.
- Be Wary of Suspicious Messages: Phishing emails may resemble authentic order confirmations or shipping notices. Instead of clicking links within these emails, visit the retailer’s website directly by typing the address into your browser. This allows you to safely check your orders and account details.
- Check Account Status Messages: If you receive a message claiming there’s an issue with your account, go directly to the company’s website to review your account status. This way, you can verify any problems without clicking on potentially harmful links.
- Add multi-factor authentication (MFA): Turn on multi-factor authentication (MFA) on all services that allow it, including your email, for extra security. This helps protect your accounts even if someone gets your password.