November 27, 2011 It’s finally arrived, the much anticipated Cyber-Monday, a chance to snatch up those online bargains before someone else does. In the cyber-rush to complete your purchases, there are some simple, common sense cyber-security guidelines to follow to insure a safe, hassle-free holiday shopping experience.
Last year, Cyber Monday trumped Black Friday as the highest-volume day for holiday shopping, with an estimated $1 billion spent. The National Retail Federation anticipates 2011 cyber-sales to be even higher, projecting that consumers will complete more than a third of their holiday shopping online and sales are expected to top $1.2 billion.
Cyber-criminals are anticipating a huge payday targeting online shoppers looking for a deal, and banking on cyber-sloppy consumers to write the check. Cyber-criminals create fake Websites targeting keywords such as “tech,” “jewelry” and “toys” in searches that return the highest results. When potential customers click these links, they are instead redirected to malicious sites that download malware onto their computers or steal personal information.
Earlier this month, The Department of Justice indicted seven suspects, described as six Estonians and one Russian, accused of an international cyber-scheme that affected millions of computers in 100 countries, including half a million in the United States. The sophisticated scheme infected at least 4 million computers with malicious software or malware, according to the indictment.
Federal prosecutors in Manhattan allege the group rerouted traffic from well known, high traffic websites including Amazon.com, NetFlix, iTunes and IRS.gov to their own “rogue servers” and raked in over $14 million in fraudulent advertising revenue. The indictment alleges the suspects acted:
“Without the computer users’ knowledge or permission, the malware digitally hijacked the infected computers to facilitate the fraud.”
If you receive an email from a website that you have not visited before or even that you have, to be on the safe side – do not click the link, instead use the browser to visit the site.
It is important to keep your browser and antivirus updated. Check to make sure websites are using SSL encryption to process your payment (URL that starts with “https”) and most important use a credit card – it has built-in scam protections from the issuer. If you use a debit card, you will likely lose the power to dispute charges.
Michael Sutton, vice-president of security research at Zscaler ThreatLabZ emphasizes that online shoppers need to be “cautious, vigilant and wary about everything,” including search results, what to click on, information provided online, who sends a message on social networks and what emails arrive in the in-box.
The U.S. Department of Homeland Security is reminding cyber shoppers via the “Stop.Think.Connect” campaign to be wary of the cybersecurity risks of theft, fraud and abuse.
Perhaps the most common sense advice you have ever heard in life applies to cyber-shopping as well – if it seems too good to be true, it probably is.