There's a war on Thanksgiving and Christmas

But it's taking a very different form than what commonly gets reported in the news media. This war is being waged by hackers and scammers, and they're waging it by poisoning Holiday eCards designed to facilitate the distribution of malware.

BleepingComputer discovered the trend, noting an uptick of emails bearing headings like "You Have Received a Christmas Greeting Card!"

Inside these emails, recipients find a word file bearing titles like "Christmas-eCard.doc," with the body of the email providing helpful instructions.

All the user must do to see their eCard is open the doc and click the enable content button.  Of course, doing so doesn't display an eCard at all, but rather, installs whatever malware the email sender has decided to embed.

Holidays are a time when most let down their guard

Who doesn't enjoy getting fun, festive cards?  That's exactly what the hackers are relying on.  It's a clever bit of social engineering that has been finding success, which is only encouraging the hackers to employ the strategy even more.

Even if you haven't received an email like this, it's likely that you know someone who has.  Spread the word so more people are aware of the threat.  It's such a shame that things like this are a reality that dampens the spirit of the season, but that's the reality.  The more people we can alert to the dangers, the smaller the impact will be.

Our perspective

Stay on your guard, let all your employees know, and keep a watchful eye out.  As ever, the best defense is vigilance.  Don't open emails from people you don't know, and certainly don't open any attachments that may be embedded in those emails.  That's the key to having a hassle-free Holiday season this year.

 

~ As Hill Street Blues' Sgt. Esterhaus always advised: "Hey, let's be careful out there! " ~

 

Meanwhile, check out this report

This free executive report may give you insights into how to build your business with safe IT environments: 10 Hidden IT Risks That Might Threaten Your Business and 1 Easy Way to Find Them

The author

Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPia Blogs. I am also available on LinkedIn, Facebook, and Twitter.

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT SupportI am Denis Wilson, President and Principal Consultant for DWP Information Architects. I help professionals grow their business by building a foundation of rock-solid information solutions for smaller healthcare, insurance, financial, legal, and nonprofits firms in Ventura County and San Fernando Valley. And have created cost-effective IT solutions, for over 20 years, specializing in cybersecurity and regulatory compliance. I am also a published author and speaker, working extensively with a variety of organizations, as well as providing small business technology education programs through business and professional associations. This just in: I will be speaking regularly at California Lutheran University's Center for Nonprofit Leadership starting in September.

Contact me if you would like me to speak at your association.