The United States Computer Emergency Readiness Team (US-CERT) issued a recent advisory warning that cybercriminals will very likely attempt to use the Philippines Typhoon disaster as part of email scams and phishing campaigns. Phishing attacks attempt to use high-profile events, including natural disasters in their subject line, to get victims to open an email and click on links contained in the message. The goal is to send victims to a web page designed to collect as much information as possible on victims, but increasingly phishing attacks attempt to get people to give up sensitive account credentials. They also can be directed to attack websites containing malware.
As the holiday shopping season begins, security firms say they typically monitor an increase in phishing activity. Here are 10 ways the US-CERT and solution providers said users can spot suspicious phishing messages.