November 11, 2015 By Jaikumar Vijayan 3 min read

If Mondays are usually when security administrators have their hands full cleaning up malware threats and data breaches, there’s a perfectly good reason for it. The weekend is when employees typically tend to bring their office laptops home and browse the Internet via poorly secured Wi-Fi connections — sometimes downloading all sorts of malicious software in the process. They then introduce the threat on the corporate network when they log back in at work.

Freaky Fridays

Cloud security services vendor Cyren recently examined daily malware distribution trends during the third quarter of this year as part of its “Cybersecurity Awareness Report.” It discovered that Friday is the peak distribution day for spam and malicious software.

According to the company, cybercriminals appear to be purposely spiking malware distribution on Fridays to take advantage of what they apparently consider to be less protected employees and corporate systems. Cyren’s review showed that, on average, cybercriminals distributed about 2.25 billion attachments containing malware on Fridays during the third quarter of 2015, or roughly three times the number distributed on other week days.

The numbers lend credence to the generally held perception that Mondays are when new malware tends to surface most on corporate networks, Cyren said in its report.

Ramping Up the Holiday Season

Enterprises would do well to pay heed to the trend. The holiday shopping season is when employees are likely to use work laptops and other mobile devices more extensively for personal use than they normally would, browsing e-commerce hubs, searching for products and buying goods online. If previous years are any indication, the holiday shopping season is also when cybercriminals seriously ramp up their efforts to try to infiltrate systems with malware, spyware and other threats.

The FBI and US-CERT have routinely issued alerts around this time each year warning consumers to be on the lookout for online trickery and scams. Last November, for instance, US-CERT issued an alert warning Internet users of cybercriminals using tools like rogue e-cards, shady social media campaigns, fake advertisements and phishing emails with malicious attachments to install malicious software on computers. Cybercriminals have been known to seed the Internet with hundreds of fraudulent websites in an attempt to lure users searching for items using terms such as “Black Friday” and “Cyber Monday.”

Not Just a Consumer Issue

It’s not just consumers that are exposed to the threat. Poorly secured corporate laptops, smartphones and tablets with access to enterprise data could become easy targets for compromise if adequate endpoint controls are not in place.

Corporate systems are exposed to other threats as well, especially when used from unsecured locations or via poorly protected Wi-Fi connections. The Cyren review showed that attackers have begun using phishing campaigns directed at the organizations that the victims work for rather than the individuals themselves.

A Sinister New Malware Campaign

According to Cyren, cybercriminals appear to be attempting to extract the name of the employer the victim works for in addition to their corporate network login names, email addresses, business phone numbers and passwords. Often the scams involved the use of emails that purport to arrive from trusted organizations such as LinkedIn, Amazon and Apple, Cyren said. The fake domains that cybercriminals have set up to lure users into parting with their corporate credentials include fake sites linked to Apple, DHL, Bank of America, Amazon and PayPal.

It is unclear what exactly the motives are behind the new phishing strategy, but it’s likely part of a long-term attack campaign by cybercriminals to collect and sell corporate login credentials for use in data breaches, Cyren said. Or cybercriminals could be trying to target and breach webmail services that can then be used to access corporate applications and data. Either way, users need to be aware of the schemes and keep security best practices in mind to ultimately avoid becoming a victim — or an unwitting participant.

More from

Government cybersecurity in 2025: Former Principal Deputy National Cyber Director weighs in

4 min read - As 2024 comes to an end, it’s time to look ahead to the state of public cybersecurity in 2025.The good news is this: Cybersecurity will be an ongoing concern for the government regardless of the party in power, as many current cybersecurity initiatives are bipartisan. But what will government cybersecurity look like in 2025?Will the country be better off than they are today? What are the positive signs that could signal a good year for national cybersecurity? And what threats should…

FYSA – Adobe Cold Fusion Path Traversal Vulnerability

2 min read - Summary Adobe has released a security bulletin (APSB24-107) addressing an arbitrary file system read vulnerability in ColdFusion, a web application server. The vulnerability, identified as CVE-2024-53961, can be exploited to read arbitrary files on the system, potentially leading to unauthorized access and data exposure. Threat Topography Threat Type: Arbitrary File System Read Industries Impacted: Technology, Software, and Web Development Geolocation: Global Environment Impact: Web servers running ColdFusion 2021 and 2023 are vulnerable Overview X-Force Incident Command is monitoring the disclosure…

2024 trends: Were they accurate?

4 min read - The new year always kicks off with a flood of prediction articles; then, 12 months later, our newsfeed is filled with wrap-up articles. But we are often left to wonder if experts got it right in January about how the year would unfold. As we close out 2024, let’s take a moment to go back and see if the crystal balls were working about how the year would play out in cybersecurity.Here are five trends that were often predicted for…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today