November 11, 2015 By Jaikumar Vijayan 3 min read

If Mondays are usually when security administrators have their hands full cleaning up malware threats and data breaches, there’s a perfectly good reason for it. The weekend is when employees typically tend to bring their office laptops home and browse the Internet via poorly secured Wi-Fi connections — sometimes downloading all sorts of malicious software in the process. They then introduce the threat on the corporate network when they log back in at work.

Freaky Fridays

Cloud security services vendor Cyren recently examined daily malware distribution trends during the third quarter of this year as part of its “Cybersecurity Awareness Report.” It discovered that Friday is the peak distribution day for spam and malicious software.

According to the company, cybercriminals appear to be purposely spiking malware distribution on Fridays to take advantage of what they apparently consider to be less protected employees and corporate systems. Cyren’s review showed that, on average, cybercriminals distributed about 2.25 billion attachments containing malware on Fridays during the third quarter of 2015, or roughly three times the number distributed on other week days.

The numbers lend credence to the generally held perception that Mondays are when new malware tends to surface most on corporate networks, Cyren said in its report.

Ramping Up the Holiday Season

Enterprises would do well to pay heed to the trend. The holiday shopping season is when employees are likely to use work laptops and other mobile devices more extensively for personal use than they normally would, browsing e-commerce hubs, searching for products and buying goods online. If previous years are any indication, the holiday shopping season is also when cybercriminals seriously ramp up their efforts to try to infiltrate systems with malware, spyware and other threats.

The FBI and US-CERT have routinely issued alerts around this time each year warning consumers to be on the lookout for online trickery and scams. Last November, for instance, US-CERT issued an alert warning Internet users of cybercriminals using tools like rogue e-cards, shady social media campaigns, fake advertisements and phishing emails with malicious attachments to install malicious software on computers. Cybercriminals have been known to seed the Internet with hundreds of fraudulent websites in an attempt to lure users searching for items using terms such as “Black Friday” and “Cyber Monday.”

Not Just a Consumer Issue

It’s not just consumers that are exposed to the threat. Poorly secured corporate laptops, smartphones and tablets with access to enterprise data could become easy targets for compromise if adequate endpoint controls are not in place.

Corporate systems are exposed to other threats as well, especially when used from unsecured locations or via poorly protected Wi-Fi connections. The Cyren review showed that attackers have begun using phishing campaigns directed at the organizations that the victims work for rather than the individuals themselves.

A Sinister New Malware Campaign

According to Cyren, cybercriminals appear to be attempting to extract the name of the employer the victim works for in addition to their corporate network login names, email addresses, business phone numbers and passwords. Often the scams involved the use of emails that purport to arrive from trusted organizations such as LinkedIn, Amazon and Apple, Cyren said. The fake domains that cybercriminals have set up to lure users into parting with their corporate credentials include fake sites linked to Apple, DHL, Bank of America, Amazon and PayPal.

It is unclear what exactly the motives are behind the new phishing strategy, but it’s likely part of a long-term attack campaign by cybercriminals to collect and sell corporate login credentials for use in data breaches, Cyren said. Or cybercriminals could be trying to target and breach webmail services that can then be used to access corporate applications and data. Either way, users need to be aware of the schemes and keep security best practices in mind to ultimately avoid becoming a victim — or an unwitting participant.

More from

How will the Merck settlement affect the insurance industry?

3 min read - A major shift in how cyber insurance works started with an attack on the pharmaceutical giant Merck. Or did it start somewhere else?In June 2017, the NotPetya incident hit some 40,000 Merck computers, destroying data and forcing a months-long recovery process. The attack affected thousands of multinational companies, including Mondelēz and Maersk. In total, the malware caused roughly $10 billion in damage.NotPetya malware exploited two Windows vulnerabilities: EternalBlue, a digital skeleton key leaked from the NSA, and Mimikatz, an exploit…

3 Strategies to overcome data security challenges in 2024

3 min read - There are over 17 billion internet-connected devices in the world — and experts expect that number will surge to almost 30 billion by 2030.This rapidly growing digital ecosystem makes it increasingly challenging to protect people’s privacy. Attackers only need to be right once to seize databases of personally identifiable information (PII), including payment card information, addresses, phone numbers and Social Security numbers.In addition to the ever-present cybersecurity threats, data security teams must consider the growing list of data compliance laws…

ICS CERT predictions for 2024: What you need to know

4 min read - As we work through the first quarter of 2024, various sectors are continuously adapting to increasingly complex cybersecurity threats. Sectors like healthcare, finance, energy and transportation are all regularly widening their digital infrastructure, resulting in larger attack surfaces and greater risk exposure.Kaspersky just released their ICS CERT Predictions for this year, outlining the key cybersecurity challenges industrial enterprises will face in the year ahead. The forecasts emphasize the persistent nature of ransomware threats, the increasing prevalence of cosmopolitical hacktivism, insights…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today