As the winter holidays approach, US-CERT reminds users to stay aware of seasonal scams and cyber campaigns, which may include:

* electronic greeting cards that may contain malware
* requests for charitable contributions that may be phishing scams and may originate from illegitimate sources claiming to be charities
* screensavers or other forms of media that may contain malware
* credit card applications that may be phishing scams or identity theft attempts
* online shopping advertisements that may be phishing scams or identity theft attempts from bogus retailers
* shipping notifications that may be phishing scams or may contain malware

US-CERT encourages users and administrators to use caution when encountering these types of email messages and take the following preventative measures to protect themselves from phishing scams and malware campaigns:

* Refer to the Shopping Safely Online, Cyber Security Tip for more information on online shopping safety.
* Do not follow unsolicited web links in email messages.
* Use caution when opening email attachments. Refer to the Using Caution with Email Attachments; Cyber Security Tip for more information on safely handling email attachments.
* Maintain up-to-date antivirus software.
* Review the Federal Trade Commission’s Charity Checklist.
* Verify charity authenticity through a trusted contact number. Trusted contact information can be found on the Better Business Bureau’s National Charity Report Index.
* Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
* Refer to the Avoiding Social Engineering and Phishing Attacks, Cyber Security Tip for more information on social engineering attacks.
* Refer to the Holiday Traveling with Personal Internet-Enabled Devices, Cyber Security Tip for more information on protecting personal mobile devices while traveling over the holidays.