Warning: The “Black Friday” trap in the office mailbox
November is here, and with it comes the growing flood of offers, discount codes, and “exclusive deals.” Black Friday and Cyber Monday are just around the corner, transforming our email inboxes into a digital marketplace. While consumers hope for the best bargains, cybercriminals are seizing their biggest opportunity of the year. The office email inbox is particularly vulnerable.
The temptation to quickly check an offer, even during working hours, is strong. But this is precisely where a sophisticated trap lurks, one that can endanger not only individual employees but the entire company.

Why the office mailbox is the perfect target
You might think that personal shopping emails have no place in the office. The reality is quite different. Cybercriminals know exactly why they focus their attacks on company email addresses:
The blurring of lines between personal and professional: Many employees use their work email for personal purposes or at least check personal emails on company devices. The boundaries are becoming increasingly indistinct.
The “trustworthiness filter”: Emails that make it through the company’s spam filter are often given more trust. “If it arrives here, it must be safe.” – a fatal misconception.
High distractions, high time pressure: The Black Friday season is characterized by “Only 2 hours left!” and “While supplies last!” This artificial scarcity lowers inhibitions and tempts people to click quickly and without thinking. In a stressful workday, such a click is hardly noticed.
The ultimate goal: While the target for private accounts is often “only” credit card data, a compromised business account is a digital master key. Criminals can access internal data, customer lists, financial information, or the entire network.
The Anatomy of the Black Friday Trap
The attacks are rarely clumsy. They are psychologically clever and exploit users’ expectations. The most common scams:
The “Exclusive Offer” Phishing Email
- The bait: An email that looks like it comes from a major retailer (Amazon, MediaMarkt, Zalando) or a well-known brand. It promises an incredible discount (e.g., “iPhone for 50% off”) that is only available via the included link.
- The trap: The link leads to a fake login page that is deceptively similar to the original. Anyone who enters their login details here hands them directly over to the scammers.
The “Problem with your order” email
- The bait: During the shopping season, many people are expecting packages. An email with the subject line “Delivery failed” or “Payment problem with your order” immediately creates a sense of urgency.
- The trap: The email prompts the user to open an attached file (supposedly an invoice or address label) or to click a “confirmation” link.
- The result: The file is malware. This could be a Trojan that steals data, or—in the worst-case scenario—ransomware that encrypts the entire company network and demands a large ransom.
The “invoice” scam
- The bait: A simple email, seemingly from a supplier’s accounting department, with the subject line “Outstanding invoice Black Friday Sale” or “Reminder.”
- The trap: The attachment is a supposed .zip file, a Word document, or a PDF. Opening the file silently installs malware that logs keystrokes (passwords!) or takes over the computer.
How to spot fraud attempts: The checklist for your mailbox
No filter is perfect. The last and most important line of defense is the human element. Train your skepticism with this checklist:
The Sender (The Most Important Check!):
- Look at the exact email address, not just the display name. Scammers often use typosquatting (e.g., service@amazn.de instead of @amazon.de) or cryptic addresses (e.g., info@mail-123-xzy.com).
The Salutation:
- “Dear Customer” or “Hello EmailAddress@company.de” are major red flags. Reputable companies where you have an account know your name.
Urgency and Emotions:
- Are you being pressured? Is your account threatened with suspension? Are you being promised an unbelievable prize? These are classic social engineering tactics designed to trick you into clicking without thinking. Stop. Breathe. Think.
The Mouse-Over Test (No Clicking!):
- Hover your mouse cursor over the link or button in the email. Wait a moment. The actual link destination will appear in the bottom corner of your browser or email program.
- Does this link lead to a strange domain (e.g., www.login-amazon.biz instead of www.amazon.de)? Do not click!
Spelling and Design:
- Pixelated logos, poor grammar, or strange umlauts (e.g., “fuer” instead of “für” in the wrong places) are often signs of a hastily translated phishing email.
Attachments:
- Ask yourself: Are you expecting this attachment? Never open unsolicited .zip, .exe, .html, or .js files. Be extremely cautious with Word or Excel files that ask you to “enable macros.”
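For the IT department that receives forwarded suspicious emails, the sender, mouse-over and attachment checks above can be automated as a first triage pass. The following is an added example, not part of the original article; the function names, the `TRUSTED` list and the 0.8 similarity threshold are assumptions chosen for illustration, and the sample message is constructed.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

TRUSTED = {"amazon.de"}  # assumption: shops the recipient really uses
RISKY_EXT = (".zip", ".exe", ".html", ".js")  # extensions named in the checklist

def lookalike(domain):
    """True if an untrusted domain embeds or closely resembles a trusted one."""
    trusted = any(domain == t or domain.endswith("." + t) for t in TRUSTED)
    return not trusted and any(t.split(".")[0] in domain or
        SequenceMatcher(None, domain, t).ratio() >= 0.8 for t in TRUSTED)

def triage(raw):
    """Apply the sender, link and attachment checks to one raw message."""
    msg, findings = message_from_string(raw), []
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if lookalike(sender):
        findings.append(f"sender domain imitates a known shop: {sender}")
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXT):
            findings.append(f"risky attachment: {name}")
        if part.get_content_maintype() == "text":
            body = part.get_payload(decode=True).decode("utf-8", "replace")
            # The mouse-over test: judge the href target, not the visible link text.
            for url in re.findall(r'href="([^"]+)"', body):
                host = (urlparse(url).hostname or "").lower()
                if lookalike(host):
                    findings.append(f"link points to imitation domain: {host}")
    return findings

# Constructed sample message for illustration (not a real email).
SAMPLE = """\
From: Amazon Service <service@amazn.de>
Content-Type: multipart/mixed; boundary="b"

--b
Content-Type: text/html

<a href="https://www.login-amazon.biz/deal">www.amazon.de</a>
--b
Content-Type: application/zip; name="invoice.zip"

placeholder
--b--
"""
```

Calling `triage(SAMPLE)` returns one finding per failed check. An empty list only means these three checks did not fire, not that the message is safe.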
The consequences: When the trap snaps shut
A single click on the wrong link at the office can trigger a catastrophe that extends far beyond the user’s own computer:
For the company:
- Data theft: Trade secrets, customer data, or financial information are stolen.
- GDPR violations: The theft of customer data can lead to massive fines and severe reputational damage.
- Business interruption: A ransomware attack can cripple the entire production or administration. Recovery costs thousands and takes days.
- Financial loss: Fraudsters can impersonate the CEO (“CEO fraud”) and initiate transfers to their accounts.
For the employee:
- Identity theft: When private passwords (often used for multiple services) are compromised.
- Disciplinary consequences: Causing a serious security incident through negligence can have consequences under labor law.
Conclusion: How to navigate safely through the “deal storm”
The Black Friday season doesn’t have to be an ordeal, but it does require the highest level of digital hygiene – especially in the workplace.
For employees:
- Strict separation: Use only private email addresses and private devices for personal online shopping (e.g., your smartphone on mobile data, not company Wi-Fi).
- Healthy skepticism: Treat any email promising a deal or addressing a problem as potentially dangerous.
- When in doubt: Delete or report: If an email raises even the slightest suspicion – don’t click on anything. Instead, forward suspicious emails to your IT department or security officer (if there is one) and then delete them.
For companies:
- Raise awareness: Launch an awareness campaign now. Send your employees this article or similar warnings.
- Technical defenses: Ensure that spam filters, virus scanners, and endpoint protection are up to date.
- Clear guidelines: Communicate clearly the rules for private internet use at work.
Don’t let the hunt for the best deal turn into an expensive nightmare for your company.