You may already be familiar with term spear phishing. Spear phishing is the practice of using fake emails to lure unsuspecting users to bogus websites in an attempt to gain unauthorized access to their personal information. However unlike traditional spam, spear phishing is a highly-targeted operation.
By itself, the emails are pretty harmless. The real damage happens when an attached file is opened or after a link is clicked on.
But what’s different this year is how personalized these attacks have become.
It’s hard to recognize immediately that it may be fake when the email comes from the mall in your neighborhood, or from your most frequently visited store. Most likely if a store is sending an email it is going to be on their web site as well, so if you have any doubt over the legitimacy, skip the coupon link and go directly to the web site.