November 11, 2015 By Jaikumar Vijayan 3 min read

If Mondays are usually when security administrators have their hands full cleaning up malware threats and data breaches, there’s a perfectly good reason for it. The weekend is when employees typically tend to bring their office laptops home and browse the Internet via poorly secured Wi-Fi connections — sometimes downloading all sorts of malicious software in the process. They then introduce the threat on the corporate network when they log back in at work.

Freaky Fridays

Cloud security services vendor Cyren recently examined daily malware distribution trends during the third quarter of this year as part of its “Cybersecurity Awareness Report.” It discovered that Friday is the peak distribution day for spam and malicious software.

According to the company, cybercriminals appear to be purposely spiking malware distribution on Fridays to take advantage of what they apparently consider to be less protected employees and corporate systems. Cyren’s review showed that, on average, cybercriminals distributed about 2.25 billion attachments containing malware on Fridays during the third quarter of 2015, or roughly three times the number distributed on other week days.

The numbers lend credence to the generally held perception that Mondays are when new malware tends to surface most on corporate networks, Cyren said in its report.

Ramping Up the Holiday Season

Enterprises would do well to pay heed to the trend. The holiday shopping season is when employees are likely to use work laptops and other mobile devices more extensively for personal use than they normally would, browsing e-commerce hubs, searching for products and buying goods online. If previous years are any indication, the holiday shopping season is also when cybercriminals seriously ramp up their efforts to try to infiltrate systems with malware, spyware and other threats.

The FBI and US-CERT have routinely issued alerts around this time each year warning consumers to be on the lookout for online trickery and scams. Last November, for instance, US-CERT issued an alert warning Internet users of cybercriminals using tools like rogue e-cards, shady social media campaigns, fake advertisements and phishing emails with malicious attachments to install malicious software on computers. Cybercriminals have been known to seed the Internet with hundreds of fraudulent websites in an attempt to lure users searching for items using terms such as “Black Friday” and “Cyber Monday.”

Not Just a Consumer Issue

It’s not just consumers that are exposed to the threat. Poorly secured corporate laptops, smartphones and tablets with access to enterprise data could become easy targets for compromise if adequate endpoint controls are not in place.

Corporate systems are exposed to other threats as well, especially when used from unsecured locations or via poorly protected Wi-Fi connections. The Cyren review showed that attackers have begun using phishing campaigns directed at the organizations that the victims work for rather than the individuals themselves.

A Sinister New Malware Campaign

According to Cyren, cybercriminals appear to be attempting to extract the name of the employer the victim works for in addition to their corporate network login names, email addresses, business phone numbers and passwords. Often the scams involved the use of emails that purport to arrive from trusted organizations such as LinkedIn, Amazon and Apple, Cyren said. The fake domains that cybercriminals have set up to lure users into parting with their corporate credentials include fake sites linked to Apple, DHL, Bank of America, Amazon and PayPal.

It is unclear what exactly the motives are behind the new phishing strategy, but it’s likely part of a long-term attack campaign by cybercriminals to collect and sell corporate login credentials for use in data breaches, Cyren said. Or cybercriminals could be trying to target and breach webmail services that can then be used to access corporate applications and data. Either way, users need to be aware of the schemes and keep security best practices in mind to ultimately avoid becoming a victim — or an unwitting participant.

More from

Cyberattack on American Water: A warning to critical infrastructure

3 min read - American Water, the largest publicly traded United States water and wastewater utility, recently experienced a cybersecurity incident that forced the company to disconnect key systems, including its customer billing platform. As the company’s investigation continues, there are growing concerns about the vulnerabilities that persist in the water sector, which has increasingly become a target for cyberattacks.The breach is a stark reminder of the critical infrastructure risks that have long plagued the industry. While the water utility has confirmed that its…

What’s behind unchecked CVE proliferation, and what to do about it

4 min read - The volume of Common Vulnerabilities and Exposures (CVEs) has reached staggering levels, placing immense pressure on organizations' cyber defenses. According to SecurityScorecard, there were 29,000 vulnerabilities recorded in 2023, and by mid-2024, nearly 27,500 had already been identified.Meanwhile, Coalition's 2024 Cyber Threat Index forecasts that the total number of CVEs for 2024 will hit 34,888—a 25% increase compared to the previous year. This upward trend presents a significant challenge for organizations trying to manage vulnerabilities and mitigate potential exploits.What’s behind…

Quishing: A growing threat hiding in plain sight

4 min read - Our mobile devices go everywhere we go, and we can use them for almost anything. For businesses, the accessibility of mobile devices has also made it easier to create more interactive ways to introduce new products and services while improving user experiences across different industries. Quick-response (QR) codes are a good example of this in action and help mobile devices quickly navigate to web pages or install new software by simply scanning an image.However, legitimate organizations aren’t the only ones…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today