Black Friday and Cyber Monday may sound like titles from science fiction novels, but they actually refer to the two busiest shopping days of the year for retailers.
Last year saw record figures for e-tailers against the previous year. While vendors are busy planning ways to push sales even higher in 2014, you can be certain that just as many cyber criminals are plotting to profit from this year’s “season of goodwill.”
It is true, Black Friday and Cyber Monday offer great deals. But, how do we spot the real deal from the scam? In this slideshow, Troy Gill, senior security analytist at AppRiver, provides five tips that will help prevent you from unwittingly parting with your money – and putting it directly into a cyber-crook’s wallet – this holiday season.
Tips for Avoiding Holiday Scams
Click through for five tips that can help keep you from falling victim to cyber scammers during the holidays or any time of year, as identified by Troy Gill, senior security analyst at AppRiver.
If it seems too good to be true, then it probably is. In the last 12 months, numerous retailers have admitted to suffering a massive data breach. As a result, compromised customer data can be used against unsuspecting users to lure them into financial traps. For example, let’s say you purchased a Sony PlayStation this year at Target. Soon thereafter, you start receiving emails that suggest you buy games and accessories for your console at a greatly reduced price. Can you trust the message? The sender? While cybercriminals are extremely clever, there are a few things to look out for when deciding if an offer is authentic:
- Is the sender’s email address different from before?
- Is the manner in which you are addressed unusual?
- Does the message contain typing errors or grammatical mistakes?
Tip: Never follow links embedded in a message, especially one that’s not completely ringing true. Instead, type the usual address into the URL bar. If the offers are genuine, the website will be displaying them too.
Just as marketing executives spend time and money improving page rank in search engines, so do cyber criminals. In fact, on many occasions, legitimate sites have been compromised and malware inserted to trap unsuspecting visitors. With so many people seeking out the best online deals, canny criminals have undoubtedly set up their traps.
Tip: Be wary of sites that claim to have trawled the web in order to compile a list of the best Black Friday and Cyber Monday deals. While some may be genuine, proceed with caution.
While these tips are primarily intended to prevent you from falling victim, a previous infection cannot be ruled out. For example, if you have a malicious program already installed on your machine, it could be secretly monitoring your online usage to steal your bank account and credit card information.
Tip: At a minimum, make sure you are using (updated) antivirus software to keep your system clean. Security layers and vigilance are the keys to ensuring you are not the reason the system gets infected this year.
Some sites prompt users to create a username and password before shopping. But if you use the same username and password on more than one site, cyber criminals may lift your combination and try to access other sites that house credit card information. This is what Dropbox recently experienced when credentials liberated from ‘unrelated services’ were used to hack secondary accounts.
Tip: Make the extra effort to use different passwords for different online accounts, especially for those accounts tied to your financial information.
Fake Purchase or Delivery Receipts
It has become a very popular ploy for malware authors to send what appears to be a purchase receipt to users. These “receipts” are meant to lure recipients into believing someone has made unauthorized purchases on their behalf. Fake delivery receipts can also confuse recipients into believing that something they may have actually ordered online has transit issues. With many people doing a majority of their online shopping during this time of year, this is a perfect time to see these scams in the wild.
Tip: Never click on a link or an attachment from an unsolicited email. Remain vigilant and read all purchase and delivery receipts carefully before clicking on a link or entering personal information.
So, how can you mitigate the threat of falling victim to this season’s online scams? Remember that a multi-layered approach to security is important. Use a properly configured firewall, antivirus, email and web-filtering products from a reputable security company. But above all, exercise common sense and remain vigilant.