According to Dr Brett Stone-Gross, in addition to holiday malware trends being disguised in gift cards, greeting cards, photos, etc. he also anticipates cybercriminals to focus on order confirmations and delivery shipments due to the increased volume during the holiday season.
In fact, the CTU is already seeing fake delivery shipment notices, bank notice, Payroll notice and an array of other scams being sent out by one of the largest spam botnets, Cutwail. An example is the fake Fedex message which will infect a user's computer with the infamous Gameover ZeuS Banking Trojan if it is clicked on, definitely not a way to kick off your holiday shopping. Here is a list of the other types of malicious spam email computer users are receiving:
1 "New encrypted message" from many of the large US banks.
2 You have received your payroll invoice
3 USPS - Your package is available for pickup
4 Your FED TAX payment was rejected
5 Advisors Online Documents Activated
6 Transaction notification from your bank
7 Dousing to all Employees - Confidential Message
8 INCOMING FAX REPORT
Dell SecureWorks has provided top twelve security tips for online holiday shoppers which is available on the blog page of their website.