How to avoid the horrors in your inbox this Halloween

With Halloween looming closer, it’s not just the monsters under the bed we have to worry about. Ghosts hide in unexpected places, ghouls are lurking at our fingertips, the real horrors of Halloween are closer than you might realize, and clicking on a phishing email can unleash great terrors upon you!

Our inboxes are filled with unwelcome surprises and these sorts of monstrosities won’t be scared away by garlic, mirrors, or a silver bullet. Here’s how to avoid them this Halloween!

Trick or Treat?

Don’t allow yourself to fall victim to hackers who take advantage of Halloween marketing emails hoping to lure you into their trap. Promises of scarily low prices may seem appealing but think twice before you open a link sent to you via email. Do not be fooled – remember to check the domain address twice to see if the message is from a legitimate sender.

By keeping lists of safe contacts, you can be more confident that you’re not being lured into giving away data or sensitive information. Phishing emails can come in all different shapes and sizes, you don’t have to be asked for data directly to be tricked into giving it away so be confident you know who you’re dealing with before making any decisions that could come back to bite you.

Beware of werewolves in sheep’s clothing

Today, hackers are more sophisticated than ever before, domain addresses can be replicated directly and they no longer show classic telltale signs like big teeth or sharp claws. No matter how hard you look there is seemingly no difference between a fake email and a legitimate one so it is essential you make use of the safety features and verification methods readily available to you.

Most email providers such as Gmail and Microsoft have anti-phishing and malware capabilities and have already adopted DMARC – make use of these protection methods and don’t rely on the naked eye to spot an imposter.

Delving into the darkness

With new online retailers popping up every day, it can be tempting at Halloween to try somewhere new to buy your broom or cauldron, but remember to err on the side of caution. There are ghosts lurking around every corner and it’s important to remember that while your inbox might be protected – some retailers’ digital assets aren’t.

Before you partake in any risky business, take the time to search who you’re shopping with. Often, a quick Google search can flag up any horror stories about untrustworthy retailers and save you from becoming their next casualty. But, if you do choose to go with someone you don’t know, companies that invite double sign-ins or ask that ask for email verification are more secure than those who don’t.   

Don’t fall victim to everyday inbox horrors   

You wouldn’t face a zombie attack without gathering some supplies first, so be prepared and use what’s readily available to you to ensure you are prepared for what lurks behind the corner. This Halloween, remember: don’t forget your fancy dress, get to grips with DMARC, know who you’re dealing with, make use of in-built safety features, and most importantly, don’t go into that haunted house alone!

To find out more about How Red Sift can help protect you and your business from the horrors of email phishing, get in touch!

Get in touch


Clare Holmes

29 Oct. 2018



Recent Posts


The best tools to protect yourself from SubdoMailing

Francesca Rünger-Field

In late February 2024, ‘SubdoMailing’ became a trending search term overnight. Research by Guardio Labs uncovered a massive-scale phishing campaign that had been going on since at least 2022. At the time of reporting, the campaign had sent 5 million emails a day from more than 8,000 compromised domains and 13,000 subdomains with several…

Read more
Product Release

Red Sift’s Spring 2024 Quarterly Product Release

Francesca Rünger-Field

This early into 2024, the cybersecurity space is already buzzing with activity. Emerging standards, such as Google and Yahoo’s bulk sender requirements, mark a new era of compliance for businesses reliant on email communication. At the same time, the prevalence of sophisticated cyber threats, such as the SubdoMailing campaign, emphasizes the continual hurdles posed…

Read more

Navigating the “SubdoMailing” attack: How Red Sift proactively identified and remediated a…

Rebecca Warren

In the world of cybersecurity, a new threat has emerged. Known as “SubdoMailing,” this new attack cunningly bypasses some of the safeguards that DMARC sets up to protect email integrity.  In this blog we will focus on how the strategic investments we have made at Red Sift allowed us to discover and protect against…

Read more

Where are we now? One month of Google and Yahoo’s new requirements…

Rebecca Warren

As of March 1, 2024, we are one month into Google and Yahoo’s new requirements for bulk senders. Before these requirements went live, we used Red Sift’s BIMI Radar to understand global readiness, and the picture wasn’t pretty.  At the end of January 2024, one-third of global enterprises were bound to fail the new…

Read more