The COVID-19 pandemic brought users tremendous cybersecurity dangers in 2020: it intensified holiday phishing scams and increased phishing to 67 per cent in just over a year. Phishing is the biggest cyber threat to businesses and companies, with 94 per cent of malware directed to emails.


Now that the holiday season is just around the corner, there is a whole new level of holiday cyberattack schemes designed to deceive people into opening malware-laden files and attachments or clicking on malicious links. So it is crucial to familiarize yourself with phishing protections and know what to look for in your personal and business emails.


Phishing Security Protections


There is a standard IT security procedure you can use against phishing activities. It involves using a layered approach to cover all your bases. Here are some of the essential layers that diminish the risk of data breaches.


  • Anti-Malware Settings

One of the vital layers of standard IT security protection is the anti-malware settings available in various platforms such as Microsoft 365. These settings can help protect you from phishing scams. Many of them are not on by default, so you should manually turn them on to add this layer of protection.

In Microsoft 365 business accounts, you can change the settings to:

  • Block links connected to malicious websites
  • Turn off the option for auto-forwarding email
  • Block suspicious file attachments


  • Anti-Phishing/Email Spam Filter


By filtering out suspicious and dangerous emails, you can reduce the risk of cyberattacks. Setting up anti-phishing or email spam filters can help capture phishing and spam emails before they are delivered, by matching them against the common properties of unwanted emails.

  • DNS Filter

A DNS filter is a security protection layer that sits between your browser and the Internet. When you type a specific URL or click a link, this filter checks it against databases of known suspicious and malicious websites. If the DNS filter detects a dangerous site, you are directed to a warning page instead of being sent to that URL.


What Email Holiday Phishing Scams to Look Out For


As part of your cybersecurity awareness program, you should remind all your employees of the upcoming seasonal phishing scams. To help you recognise the theme, here is a list of the common phishing scams you should look out for.


  • “Charity” Donation Emails

Fake charity donation requests are emails you see in different forms and iterations. The people who send them masquerade as real charities, using the same logo or the name of a well-known charity. These emails can be used not just to trick your employees into donating money but also to steal their credit card information and redirect them to malicious sites.


  • Fraud Order Emails

Online shopping is prevalent during the holiday season, and you and your employees can be easily tricked because of the many order notices you receive via email. Many phishing scammers take advantage of this situation by creating many fake order emails.

Fake order emails are made to look like real order emails, such as Amazon order receipts. When you click on the link, you will automatically download the malware into your system.


  • Gift and Promo Card Purchase Emails

Another phishing scam email uses gift and promo card purchases. Most of the time, this email may look like it's coming from your company, so your employees may be tricked into clicking it.

This kind of spoofed email takes some time, as the scammer researches your company to find important details such as the managers' names and the employees under them. After that, the scammer will create an email addressed to a specific employee, appearing to come from a person within the company, and ask them to buy a gift or promo card that was forgotten for the holiday customer gifts. But how can your employees avoid being scammed? Here are some of the things to consider:

  • The sender needs the gift cards in a short period of time
  • The sender mentions that they will be unavailable (out of town, meetings, etc.)
  • The sender asks the employee for the gift card numbers
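
The three warning signs listed above can be turned into a simple mail-triage heuristic. The following is an added example, not part of the original article; the phrase lists, the two-flag threshold and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string

# Phrase lists are illustrative assumptions, not a vetted ruleset.
GIFT_CARD = re.compile(r"\b(gift|promo)\s*cards?\b", re.I)
INDICATORS = {
    # "The sender needs the gift cards in a short period of time"
    "urgency": re.compile(
        r"\b(urgent(ly)?|asap|right away|immediately|within the hour|by end of day)\b", re.I),
    # "The sender mentions that they will be unavailable"
    "unavailable": re.compile(
        r"\b(in (a )?meetings?|out of (town|office)|travell?ing|can'?t (talk|take calls))\b", re.I),
    # The sender asks for the gift card numbers
    "card_numbers": re.compile(
        r"\b(send|email|text|reply with)\b[^.\n]{0,60}\b(card numbers?|codes?|pins?)\b", re.I),
}

def _plain_text(msg):  # Subject plus every text/plain part, decoded
    chunks = [msg.get("Subject", "")]
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)

def gift_card_red_flags(raw_email):
    """Return the sorted warning signs found; empty if no gift/promo card is mentioned."""
    text = _plain_text(message_from_string(raw_email))
    if not GIFT_CARD.search(text):
        return []
    return sorted(name for name, rx in INDICATORS.items() if rx.search(text))

def triage(raw_email, threshold=2):  # threshold is an assumed policy value
    flags = gift_card_red_flags(raw_email)
    return ("hold_for_review" if len(flags) >= threshold else "deliver"), flags

# Constructed sample messages (not real mail).
SCAM = """From: "Dana Lee" <dana.lee@example.net>
Subject: Quick favour

Sam, I forgot the gift cards for the holiday customer gifts.
I need them within the hour. I'm in meetings all afternoon.
Buy five and reply with the card numbers.
"""
BENIGN = "Subject: Staff party\n\nEvery employee will receive a promo card on Friday.\n"

if __name__ == "__main__":
    for name, mail in (("SCAM", SCAM), ("BENIGN", BENIGN)):
        print(name, triage(mail))
```

A message that trips the threshold is held for a human to verify with the supposed sender through a separate channel; keyword heuristics like this complement, and do not replace, the spam and anti-phishing filters described earlier.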


Prevention is always better than cure. It’s better to act now and prevent cybersecurity attacks from happening, so you won’t put your business and your employees in dire situations such as phishing scams.


Fraud Watch is a digital brand protection company that has been protecting client brands around the world since 2003. We are experts in online brand protection against phishing threats, malware, mobile apps and social media impersonation. Visit our website today and learn more about how we can help protect your business against phishing scams.