Cyber Monday is expected to be one of the busiest days for online Christmas shopping. It marks the start of December online takings for retailers, which are predicted to break the £10bn barrier for the first time, according to industry group IMRG and consultants Capgemini. But with the increase in spending also comes an increase in potential cyber attacks and exploitations as shoppers flock to grab the latest deals and trends.
Corey Nachreiner, WatchGuard Technologies’ Director of Security Strategy highlights the five most common threats that online shoppers need to look out for:
* Seasonal email phishing scams –This is a great time for cyber criminals to leverage seasonal phishing scams to lure victims to malicious sites or malware. Some of the most common malicious emails during the holidays are fake UPS, FedEx, or DHL messages claiming a delivery failed, bogus flight notices, and even phony secret Santa messages. Avoid clicking links and attachments in unsolicited emails.
* Fake product giveaways – Every year the holiday shopping bonanza brings us at least one or two ‘must-have’ items for the holiday season and cyber criminals always seem to recognise these popular consumer items early. We’ve already seen phishers trying to steal personal information from victims by tricking them into filling out details to win one of the new next-generation gaming consoles. While some of these giveaways might be legit, be careful where you share information.
* Dastardly digital downloads – Attackers can easily theme free Christmas download offers. If it sounds too good to be free, it probably is. As always, be careful what you download.
* Fraudulent e-commerce sites – The bad guys are great at faking websites. They can fake banking sites, social networks and even online shopping sites that have suspiciously good deals. Of course, if they can lure victims to their replica sites, they can leverage that trust to steal information. Pay close attention to the domain names and vet online retailers before ordering.
* Booby-trapped Ads and Blackhat SEO – Two popular new techniques are malicious online advertisements and evil search engine optimization (SEO) tricks. By either buying online ad space, or hacking online ad systems, hackers can inject fake advertisements into legitimate web sites, which redirect back to malicious sites. They can also leverage various SEO tricks to get their websites to show up in the top results for popular searches. As you consider clicking ad links or following search results, be aware of the domains and URLs you click on.
Falling victim to an attack is easy. Make sure you are safe and read WatchGuard’s latest blog post that outlines five simple tips users can follow, including:
1 Updating your software
2 Do not click on unsolicited links or attachments
3 Look for the padlock while shopping online
4 Use password best practices on shopping sites
5 Vet online merchants before clicking buy