A survey by One Poll and Dimensional Research on holiday shopping security practices evaluated online cybersecurity awareness of 2,011 consumers from the U.S. and U.K., and revealed that more than 40 percent believe emails from “trusted brands” are safe to click, and nearly a quarter of respondents (24 percent) anticipate doing at least part of their holiday shopping while at work.
“Cybercriminals are very resourceful, and they know that the siren song of a good deal is almost always irresistible to bargain hunters,” said Dwayne Melancon, CTO at Tripwire.
“The number one reason to click is trust in a brand, which isn’t good – I have seen some very convincing phishing emails and bogus websites that look nearly identical to the real thing. Shoppers need to look beyond the facade of convincing branding to make sure they aren’t being conned into clicking on a bogus link,” Melancon added.
Survey findings include:
- Over a quarter of respondents (26 percent) believe links contained in subscription emails and newsletters are “safe.’
- 23 percent believe links sent from trusted associates are safe to click.
- Only 28 percent of consumers believe it is never safe to click on email shopping links.
- 24 percent plan to do at least some of their holiday shopping at work.
“Employees need to be award that anytime their computer is on their corporate network, even if they logged in through a VPN, they can put their organization at risk by simply visiting the wrong website or clicking the wrong link in an email,” said Ken Westin, security analyst for Tripwire. “Savvy attackers know that malicious links are effective, that’s one reason phishing attacks are so pervasive around the holidays. Employees should be particularly careful when checking personal email at work, or when clicking links in ads on social media sites.”