InfoSec Blog - Holiday Email Spam Season is Coming!


November 24th, 2016

As the Holiday shopping season approaches, so does the season for holiday email spam and scams. With more and more people doing their holiday shopping online, cyber criminals and malicious groups come out of the woodwork to capitalize on our trusting nature. Billons of holiday email spam messages are sent at this time of year because of one simple fact: they work! Some of the latest phishing and malware scams are incredibly convincing, and you may not even realize you have fallen victim.

These spam messages may contain links to phishing or malicious websites, or include attachments (such as Excel, Word, or PDF documents) that could install backdoors, ransomware, or key loggers on your computer.  Some examples of email spam campaigns sending out malicious attachments are listed below:

  1. Holiday e-cards that require software to be installed on your computer
  2. Fake package tracking messages pretending to be from a legitimate shipper
  3. Fake invoices from popular webstores
  4. Banking scams and phishing attempts pretending to be from the big banks
  5. Fake credit cards or gift cards
  6. Fake lottery scams claiming you have the winning ticket


Here are some tips to stay cyber safe during this busy holiday and email spam season:

  • Do not click on embedded links or open attachments if you receive an email referring to an online or in-store order, even if you think it might be legitimate.  Instead, open up a web browser and visit the merchant site directly.
  • Never give your account details out as a result of an email request.
  • Do not open unknown email attachments.
  • Do not buy products or services from unsolicited email messages, especially software.
  • Ensure that your internet security software is up to date to stop malware from being installed on your computer.


If you believe you are a victim of a holiday phishing scam or malware campaign, or to report suspicious email messages, contact the CCS Help Centre at x 58888 or email them directly at


Written by: Hanna Guan (Cyber Security Analyst, Information Security)

Image Source: Freepik