Stay Safe While Shopping Online This Holiday Season With These Five Cyber Security Tips
Announcement posted by WatchGuard Technologies 05 Dec 2013
The evolution of online threats has left shoppers more vulnerable than ever to cyber scams
Australian consumers are set to spend six per cent more on their online purchases this Christmas season compared with 2012* but with that increase comes a rise in potential attacks and exploitations as shoppers flock to the latest deals and trends.
In order to remain vigilant. WatchGuard Technologies has set out the five most common threats that online shoppers face on today's web:
Seasonal email phishing scams – Attackers know you have your eye out for emails containing the latest sales and discounts and that you may have packages in transit from recent purchases. This makes it a great time for them to leverage some seasonal phishing scams to try and lure you to malicious sites or malware. Some of the most common malicious emails during the holidays are fake FedEx or DHL messages claiming a delivery failed, bogus flight notices, and even phony secret Santa messages. All of these seasonal scams prey on common trends for the season, such as holiday vacations and trips, and people ordering more stuff online. To give you a specific example, right now a nasty new ransomware variant called Cryptolocker is spreading using the fake FedEx or UPS trick, and has cost many victims a lot of money. Avoid clicking links and attachments in unsolicited emails.
Fake product giveaways – Every year the holiday shopping bonanza brings us at least one or two “must-have” items for the holiday season, whether they be Tickle-Me Elmo dolls or the latest gaming console. Cyber criminals always seem to recognise these popular consumer items early, and use them to lure unsuspecting victims to their trap. This year, two such items are the latest video game consoles—the PlayStation 4 and Xbox One. We’ve already seen phishers trying to steal personal information from victims by tricking them into filling out details to win one of these next-generation consoles. While some of these giveaways might be legit, you should be careful where you share your information, and what type of information you’re willing to give up.
Dastardly Digital Downloads – During any special event or holiday, malicious hackers often pull out old reliable tricks of the trade. One such trick is the free screensaver, ringtone, or e-card offer. The attackers can easily theme their free download offers from whatever holiday or pop culture event they want. If it sounds too good to be free, it probably is. As always, be careful what you download.
Fraudulent e-commerce sites – The bad guys are great at faking web sites. They can fake your banking site, your favourite social network, and even online shopping sites that have suspiciously good deals for that one hot ticket item you’re looking for during the upcoming sales. Of course, if they can lure you to their replica sites, they can leverage your trust in them to steal your personal information, swipe your credit card number, or force you into a drive-by download malware infection. Pay close attention to the domain names you visit, and vet your online retailers before ordering from them.
Booby-trapped Ads and Blackhat SEO – Bad guys are always looking for new ways to attract you to their fake or malicious web sites. Phishing emails, instant messages, and social network posts with appealing links work, but they always experiment with new lures. Two popular new techniques are malicious online advertisements and evil search engine optimisation tricks. By either buying online ad space, or hacking online ad systems, hackers can inject fake advertisements into legitimate web sites, which redirect back to malicious sites. They can also leverage various SEO tricks to get their web sites to show up in the top results for popular searches. Are you searching for Lululemon yoga pants sales for your girlfriend this holiday? If criminals think that’s a popular gift, they can poison search results and hijack ads to use your interest against you. As you consider clicking ad links or following search results, be aware of the domains and URLs you click on.
The top five threats above all have consumers in mind but merchants also need too look out for Distributed Denial of Service (DDoS) attacks. Cyber criminals realise the holidays are a very important seasons for online retailers. They know that even an hour of downtime can translate into millions in lost sales for big retailers, and they want to steal a piece of your pie. Expect to see some DDoS attacks targeting online store during the holidays, followed by extortion letters asking for money to stop the attack.
One of the best defences to cyber attacks is a bit of awareness and vigilance. WatchGuard Technologies recommends a few steps you can take to make your holidays hacker free.
Patch your software – If you let Microsoft, Apple, and Adobe (and other products) automatic software updates patch your machine regularly, you will remain safe from most cyber criminal’s technical attacks.
Don’t click on unsolicited links or attachments
Look for the padlock while shopping online – Though it’s no a guarantee you’re on the right site, do not share your personal or financial info with an online retailer unless you see a green padlock in your web browsers URL dialogue (the icon’s appearance may differ slightly depending on your browser).
Use password best practices on shopping sites – You should use different, strong (i.e. long) passwords on every site you visit.
Vet online merchants before clicking buy – A little online research can go a long way. Do Internet searches on a merchant before buying from them, paying close attention to customer reviews. When people get scammed they tend to share, so a little research can help you identify fakes retailers.
* Adobe Digital Index
About WatchGuard Technologies, Inc.
WatchGuard® Technologies, Inc. is a global leader of business security solutions that intelligently combine industry standard hardware, Best-in-Class security features, and policy-based management tools. WatchGuard provides easy-to-use but enterprise-powerful protection to hundreds of thousands of businesses worldwide. The WatchGuard family of Smart Firewalls provides smart security through seamless integration of multiple security services; smart management by providing a single console for deploying and maintaining services; and smart unified threat management performance to ensure that customers of all sizes can securely operate at the pace of business. WatchGuard products are backed by WatchGuard LiveSecurity® Service, an innovative support program. WatchGuard is headquartered in Seattle, Wash. with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit www.watchguard.com
In order to remain vigilant. WatchGuard Technologies has set out the five most common threats that online shoppers face on today's web:
Seasonal email phishing scams – Attackers know you have your eye out for emails containing the latest sales and discounts and that you may have packages in transit from recent purchases. This makes it a great time for them to leverage some seasonal phishing scams to try and lure you to malicious sites or malware. Some of the most common malicious emails during the holidays are fake FedEx or DHL messages claiming a delivery failed, bogus flight notices, and even phony secret Santa messages. All of these seasonal scams prey on common trends for the season, such as holiday vacations and trips, and people ordering more stuff online. To give you a specific example, right now a nasty new ransomware variant called Cryptolocker is spreading using the fake FedEx or UPS trick, and has cost many victims a lot of money. Avoid clicking links and attachments in unsolicited emails.
Fake product giveaways – Every year the holiday shopping bonanza brings us at least one or two “must-have” items for the holiday season, whether they be Tickle-Me Elmo dolls or the latest gaming console. Cyber criminals always seem to recognise these popular consumer items early, and use them to lure unsuspecting victims to their trap. This year, two such items are the latest video game consoles—the PlayStation 4 and Xbox One. We’ve already seen phishers trying to steal personal information from victims by tricking them into filling out details to win one of these next-generation consoles. While some of these giveaways might be legit, you should be careful where you share your information, and what type of information you’re willing to give up.
Dastardly Digital Downloads – During any special event or holiday, malicious hackers often pull out old reliable tricks of the trade. One such trick is the free screensaver, ringtone, or e-card offer. The attackers can easily theme their free download offers from whatever holiday or pop culture event they want. If it sounds too good to be free, it probably is. As always, be careful what you download.
Fraudulent e-commerce sites – The bad guys are great at faking web sites. They can fake your banking site, your favourite social network, and even online shopping sites that have suspiciously good deals for that one hot ticket item you’re looking for during the upcoming sales. Of course, if they can lure you to their replica sites, they can leverage your trust in them to steal your personal information, swipe your credit card number, or force you into a drive-by download malware infection. Pay close attention to the domain names you visit, and vet your online retailers before ordering from them.
Booby-trapped Ads and Blackhat SEO – Bad guys are always looking for new ways to attract you to their fake or malicious web sites. Phishing emails, instant messages, and social network posts with appealing links work, but they always experiment with new lures. Two popular new techniques are malicious online advertisements and evil search engine optimisation tricks. By either buying online ad space, or hacking online ad systems, hackers can inject fake advertisements into legitimate web sites, which redirect back to malicious sites. They can also leverage various SEO tricks to get their web sites to show up in the top results for popular searches. Are you searching for Lululemon yoga pants sales for your girlfriend this holiday? If criminals think that’s a popular gift, they can poison search results and hijack ads to use your interest against you. As you consider clicking ad links or following search results, be aware of the domains and URLs you click on.
The top five threats above all have consumers in mind but merchants also need too look out for Distributed Denial of Service (DDoS) attacks. Cyber criminals realise the holidays are a very important seasons for online retailers. They know that even an hour of downtime can translate into millions in lost sales for big retailers, and they want to steal a piece of your pie. Expect to see some DDoS attacks targeting online store during the holidays, followed by extortion letters asking for money to stop the attack.
One of the best defences to cyber attacks is a bit of awareness and vigilance. WatchGuard Technologies recommends a few steps you can take to make your holidays hacker free.
Patch your software – If you let Microsoft, Apple, and Adobe (and other products) automatic software updates patch your machine regularly, you will remain safe from most cyber criminal’s technical attacks.
Don’t click on unsolicited links or attachments
Look for the padlock while shopping online – Though it’s no a guarantee you’re on the right site, do not share your personal or financial info with an online retailer unless you see a green padlock in your web browsers URL dialogue (the icon’s appearance may differ slightly depending on your browser).
Use password best practices on shopping sites – You should use different, strong (i.e. long) passwords on every site you visit.
Vet online merchants before clicking buy – A little online research can go a long way. Do Internet searches on a merchant before buying from them, paying close attention to customer reviews. When people get scammed they tend to share, so a little research can help you identify fakes retailers.
* Adobe Digital Index
About WatchGuard Technologies, Inc.
WatchGuard® Technologies, Inc. is a global leader of business security solutions that intelligently combine industry standard hardware, Best-in-Class security features, and policy-based management tools. WatchGuard provides easy-to-use but enterprise-powerful protection to hundreds of thousands of businesses worldwide. The WatchGuard family of Smart Firewalls provides smart security through seamless integration of multiple security services; smart management by providing a single console for deploying and maintaining services; and smart unified threat management performance to ensure that customers of all sizes can securely operate at the pace of business. WatchGuard products are backed by WatchGuard LiveSecurity® Service, an innovative support program. WatchGuard is headquartered in Seattle, Wash. with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit www.watchguard.com