While we rush online to buy gifts for our nearest and dearest, scammers are looking to make their wage from your online mistakes. Learn how to stay safe online while doing your Christmas shopping this holiday season.
‘I’m dreaming of a safe holiday season’
What you need to know this holiday season to stay safe online
It’s that time again… the familiar all-out drive by retailers everywhere to capture their share of shoppers’ seasonal spend as we rush to snap up gifts for our nearest and dearest. While online retailers are hoping we get online and buy, so too are the cybercriminals.
The latter are no doubt already gearing up to take full advantage of our good cheer, as they unleash the scams and malware that will turn celebration into commiseration for far too many of us. With online shopping becoming an essential way for us to buy our holiday season gifts, never have the prospects for bumper festive takings looked so good for the phishers and scammers.
Check out our new safe shopping online infographic to see some of the reasons why they are licking their lips:
- Looking at Europe as a whole we see that ecommerce accounted for 312 billion Euros in 2012 a growth of some 19% over 2011 (Source ECommerce Europe)
- Whilst in the US retail e-commerce sales reached $186.2 billion in 2012 an increase of 15% over the previous year (Source comStore)
- The popular shopping days being Mega Monday in Europe and Cyber Monday in the US during which a combined 715m Euros were spent (206.8M USD Cyber Monday and 565M EUR, Europe)
But how exactly are online scammers attempting to exploit you, as the next shopping frenzy unfolds?
First, they can ‘hijack’ your online accounts in a number of ways to view and steal private information. Using increasingly sophisticated phishing attacks, they can trick you into giving away your login credentials through fake pages that resemble the login pages of popular webmail or social networking sites. They can also use compromised or ‘hacked’ accounts to lure other users into believing they are receiving messages from a friend when, in fact, they’re trying to get money or other information.
Should you reveal your location online – via status updates and location-based services – cybercriminals can also use this information to target you offline, while they can plant links that give them access to your web sessions by compromising ‘cookies’ or information that is stored after login to validate users’ credentials.
Symantec’s 2013 Website Security Threat Report, demonstrates how cybercriminal activity has now reached dizzying proportions. The report’s key findings show the following:
- 42% increase in targeted attacks in 2012
- 31% of all targeted attacks aimed at businesses with less than 250 employees
- The number of phishing sites spoofing social networking sites increased 125%
- Web-based attacks increased 30%
- 5,291 new vulnerabilities discovered in 2012, with 415 of them on mobile operating systems
- 53 per cent of websites scanned were found to have unpatched, potentially exploitable, vulnerabilities.
Moreover, according to the 2013 Norton Cybercrime Report, cybercrime now claims 378 million victims each year – that’s nearly 3 times as many babies born each year, with ecommerce sites among the top malware-infected sites. With losses being keenly felt in the US, UK and Germany (US: $8,933,510, UK: $3,252,912, Germany: $5,950,725)
It all adds up to a somewhat grim scenario – but it doesn’t have to be like that. Our tendency to trust unquestioningly the online world is something that needs to change. If we adopt best practice every time we enter its realms the chances of becoming yet another victim will be greatly reduced. So, as the holiday season approaches once again, here are a few pointers to help you turn the tables on the cybercriminals and keep yourself out of the clutches of their phishing sites and social media fake pages:
- Check for Encryption, check for the padlock: Look for https (as opposed to just ‘http’) and/or padlock in your browser address bar before submitting personal information on a website. https indicates a secure session and that the site uses encryption to protect your personal data.
- If the bar is green then go shop: When the browser address bar is lit up ‘green’, the identity of that website has been strictly validated by a Certificate Authority such as Symantec
- Look for a trust mark, such as the Norton Secured Seal. It proves that the website is legitimate and not a spoofed one
- If a tempting offer in an online ad, or an email, sounds too good to be true, it probably is. You may be tempted to click, but you’d be wise to junk them instead
- Check Feedback: Look to see what others are saying about the site you are planning to shop on
- ‘Cooldude’ is not an acceptable password. Pay attention to the passwords for your email, social networking and online bank accounts. Keep them as unique as you can:
- At least 8 characters
- Random mixture of characters upper and lower case, numbers, punctuation and symbols
- Avoid words found in dictionary
- Never use the same password twice
- Change your passwords every month.
- Avoid using the same password across multiple accounts and don’t share your passwords.
Stick with all of these safeguards constantly and not only will you be celebrating a ‘Right Christmas’, but the chances are you will not be one of the 18 people per second that becomes a victim of cybercriminals.