Optistar uses cookies to make our website work properly and to provide the most relevant content and services to our clients and site visitors.


Valentine’s Day: A Simple Holiday or a Cybercrime Magnet?

February 16, 2022

While your employees are looking for ways to show their undying love for a significant other, cybercriminals are looking for a way to turn that love into a profit.

Valentine’s Day is one of a few holidays where cyberattacks increase, taking advantage of the large number of online orders that take place around the day. 32% of Americans placed online orders related to Valentine’s Day in 2021. Spending for 2022 is estimated to be $24 billion.

Because of the money being thrown around, there is a lot of attention from both legitimate retailers and malicious parties looking for a quick buck. Beyond the short-term scams, there is also a more sinister side to these schemes, especially when cybercriminals use the increase in online shopping as an opportunity for targeted phishing campaigns.

In 2021, there were more than 400 Valentine’s Day themed, targeted email campaigns reported in January alone. Out of 23,000 domains registered with Valentine’s Day themes, more than 500 were found to be malicious or suspicious. A unifying factor among these phishing scams was the impersonation of a trusted company, usually offering incredible discounts on gifts like jewelry, chocolate, or floral arrangements.

Spear Phishing Campaigns Targeting Businesses

How does personal shopping impact your business? The problem is that many of your employees are likely making purchases of their own, and so they could be susceptible to phishing attacks. What’s even more problematic is that many employees use personal devices to access work email accounts or networks, or they use work devices to access private accounts outside of working hours.

Only 40% of employees who use personal devices for work use monitored devices. Of the people who use their own personal devices, 86% access company email accounts, and 67% access shared work documents.

Although these are just mundane activities, the fact that they are done on an unsecured personal device can put your company at risk. This means that a successful phishing attack in an employee’s personal email account could result in cybercriminals having access to work accounts and files.

If your company is being targeted in a spear phishing campaign, individual employees could be in the crosshairs without knowing it. Both their personal and work email accounts could be receiving phishing emails this Valentine’s Day that might be putting your employees and your company at risk. Phishing attacks often aim to steal data or login credentials for company systems.

Browsing Safely around Valentine’s Day

Cybersecurity is vastly important, especially around the holidays when the stakes are high. Luckily, cyberattacks are not inevitable. Good cybersecurity policies and personal habits will help your employees recognize phishing attempts and protect themselves from attacks.

Here are a few ways you can protect your company from cyberattacks:

  1. Establishing a work email policy. Having and enforcing a work email policy helps your employees know where the line is, gives a clear reference point for where they should or shouldn’t access work data, and lays down the rules for safely accessing work emails.
  2. Providing devices to employees for work purposes. It’s difficult to secure personal devices against cyberattacks, but company devices can be better protected and can be used for work purposes only. This eliminates the risk of personal use leading to cybersecurity threats.
  3. Training employees on cybersecurity. Employees who are aware of cybersecurity threats are more likely to recognize them ahead of time, report suspicious activity, and avoid falling into phishing traps.

Valentine’s Day is a time to celebrate love, not to think about fraud. Be aware of the threats you and your employees may face around the holidays, plan ahead to be prepared, and focus on creating sustainable cybersecurity practices that act as a shield against future attacks.

If you have questions, contact us to schedule a free consultation with one of our Senior IT Consultants. 


Back to Insights
Sign up for More Insights