Beware of online dangers lurking this Cyber Monday
Posted on 27 November 2013.
Cyber Monday is often regarded as the beginning of the holiday shopping season, but many vendors are rolling out deals early to entice online users to visit their web sites and get a jump start on gift giving. But with attractive Internet deals come the cyber crooks who design new ways to trick you into parting with your cash. With so many people shopping online, many tactics used by cybercriminals to socially engineer users will be more effective than at other times during the year.

Here are a few dangers that will be lurking online this holiday shopping season.

Increased email threat
Spammers and malware distributors have often crafted messages to appear as legitimate messages from the likes of UPS, FedEx, PayPal and many other online shippers and/or retailers. This is such an effective technique that they use it year round. However, during the holidays these messages can be much more effective. It stands to reason that anyone who is expecting shipping confirmations or payment confirmations will be much more susceptible to these threats, and during the holiday season this is the reality for most people. These messages pose as the real thing but often contain malicious payloads designed to infect your machine.

Despite the fact that these messages look very believable, there are some common elements that should not appear in a legitimate shipping or payment confirmation email. Frequently these messages will include attachments, which should be a red flag to most people. Additionally, if the message directs you to click on a link, you should at the very least 'mouse-over' the link to reveal the true destination. Or better yet... just ignore it and navigate to the company's website directly in the browser.
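The two red flags above can also be checked mechanically at a mail gateway or in a triage script. The following is an added example, not part of the original article: it flags attachments and links whose visible text names one host while the href points to another. The sample message, its domains and the names `LinkCollector`, `shown_host` and `audit` are constructed for illustration.

```python
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlparse
# Constructed sample message; every address and domain is a placeholder.
SAMPLE = """\
From: "Parcel Service" <notify@shipping.example>
Content-Type: multipart/mixed; boundary="B"

--B
Content-Type: text/html; charset="utf-8"

<p>Track it: <a href="http://tracking.badhost.example/t">www.shipping.example/track</a></p>
<p><a href="https://www.shipping.example/help">Help centre</a></p>
--B
Content-Type: application/zip
Content-Disposition: attachment; filename="label.zip"

PLACEHOLDER
--B--
"""

class LinkCollector(HTMLParser):  # collects (href, visible text) per <a href>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        self._text.append(data)  # buffer is reset at each <a>, read at </a>
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None
def shown_host(text):  # host named in the visible text, or None if not URL-like
    first = (text.split() or [""])[0].rstrip(".,;:")
    return urlparse(first if "://" in first else "//" + first).hostname if "." in first else None
def audit(raw):  # returns (kind, detail) findings for one raw message
    findings = []
    for part in message_from_string(raw, policy=policy.default).walk():
        if part.get_filename():
            findings.append(("attachment", part.get_filename()))
        elif part.get_content_type() == "text/html":
            collector = LinkCollector()
            collector.feed(part.get_content())
            for href, text in collector.links:
                real, shown = urlparse(href).hostname, shown_host(text)
                if real and shown and real != shown:
                    findings.append(("link-mismatch", f"{shown} -> {real}"))
    return findings
```

Links whose visible text is not URL-like (such as "Help centre") are not flagged by this check, so it complements rather than replaces looking at the real destination.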

SEO poisoning
Cybercriminals use search poisoning tactics when they want to direct users to a hacked web page and infect computers with malware. How? Scammers begin by infecting a website by implanting malicious exploits and then utilize keyword injection to 'game' search results. So, when users search for the scammer's keywords they might come across an infected page, and if vulnerable, malware will begin to infect the device instantly with little or no detection. In the past, cybercriminals used popular product names as key terms. And what better audience for SEO poisoning than eager online shoppers searching for the best product deals?

Pay attention to the sites listed in your search results. If you are looking for a good deal on a new iPad, for example, then be a little suspicious when search results include a link to a blog or some other non-consumer goods website. It's less likely that someone is having a fire sale on their personal blog and more likely that the blog was hacked into and became a host for the hacker's malicious code.

Fake e-cards
This one has been around for a while, but just like mosquitoes in Florida they won't go away. Each year, our spam and virus filters quarantine millions of malicious e-cards. To the analytical eye, these cards are fairly easy to spot. But to the casual viewer fake e-cards are convincing enough to wreak havoc. E-cards often infect users with spyware or ransomware, thereby stealing identities, banking credentials or nearly every file on your computer (as recently illustrated by CryptoLocker).

When in doubt, don't open it. Some of the tell-tale signs that an e-card is malicious include: an unrecognized sender, instructions to take some sort of additional action like opening an attachment, and/or a requirement that you follow a link or download a file.

Shopping from unsecured networks
Many of us seek refuge from the holiday crowds at the nearest coffee shop where we can watch the action while making our gift purchases online. Just be careful where you are when you make those purchases. Or more specifically, be careful where you connect to the Internet. If you're connecting to an unsecured public Wi-Fi hotspot, anyone can access your data using packet capture capabilities or a man-in-the-middle attack. Bad guys can collect data like credit card numbers, account logins/passwords, email communications and anything else that they can exploit for profit. And know that unsecured Wi-Fi connections can be found in many public locations these days, including hotels, restaurants, airports or even retail stores themselves.

The best thing you can do to avoid this is to browse the web and create a gift list, but wait until you're back home on a secure connection to actually make the purchases. If you do use public Wi-Fi, then pay close attention to your address bar to ensure you see the https:// prefix, and do not enter personal information unless that connection is being made. Or better yet, use a VPN connection.

Gift card scams and counterfeit products
Cybercriminals love to play the odds and even the small percentage of attacks that are successful often net them millions in profits. Consumers will spend billions of dollars on gift cards this holiday season and the cybercriminals are looking for a small piece of that pie. During the holiday months, there is a large increase in the number of websites pushing these fraudulent items, and many more emails directing you to malicious sites.

Common sense is usually the best deterrent for avoiding counterfeit products since a fifty dollar Rolex is pretty obviously too good to be true. These bogus products can be avoided altogether by shopping with reputable retailers and doing some research on the ones you are not familiar with. Also avoid shopping via banner ads and offers in email (unless it's from a known trusted source).

Author: Troy Gill, senior security analyst at AppRiver.

