With online holiday shopping expected to grow 12.1% in the US this year, to $96 billion, and more people than ever using social media and mobile devices to connect, the cybercriminals have a lot of opportunities. Using multiple devices provides more ways to access valuable “digital assets,” such as personal information and files.
According to a recent McAfee report, consumers place an average value of $37,438 on the “digital assets” they own across multiple digital devices, yet more than a third lack protection across all of those devices. Considering this, Gary Davis, for McAfee, has collected the latest 2012 holiday-related online scams and security tips for consumers.
1) Social media scams
Scammers use Facebook and Twitter just like email and websites to scam consumers during the holidays. Be careful when liking Fan Pages, clicking on fake alerts, taking advantage of raffle’s, ads and deals that you get from “friends,” or installing suspicious “holiday deal” apps that give your private data away. Twitter ads and special discounts for popular gifts are especially popular, and utilize blind, shortened links, many of which could easily be malicious.
2) Malicious Mobile Apps
Smartphone users have downloaded over 25 billion apps for Android devices alone. A recent study found that 33% of apps ask for more information than they need, such as access to your contacts or location. Download applications from official app stores and check other users’ reviews, as well as the app’s permission policies, before downloading.
3) Travel Scams
Most travelers to visit over the holidays begin the journey online looking for deals on airfare, hotels, and rental cars. Phony travel web pages with beautiful pictures and rock-bottom prices are used to get you to hand over your financial details. The FBI recently warned travelers of a hotel Wi-Fi scam prompting computer users to install a popular software product before connecting to their hotel Wi-Fi. The installation downloads malware onto your machine.
4) Holiday Spam/Phishing
Soon many of spam emails will take on holiday themes. Cheap Rolex watches and pharmaceuticals may be advertised as the “perfect gift” for that special someone. The report expects to see an increase in holiday-themed phishing emails that try to trick you into revealing financial or personal details by posing as an offer from a legitimate business.
5) The new iPad, iPhone 5, and other hot holiday gift scams
Excitement and buzz surrounding Apple’s new iPad and iPhone 5 is what cybercrooks dream of. They will mention must-have holiday gifts in dangerous links, phony contests and phishing emails. Be suspicious of any deal mentioning hot holiday gift items, especially at extremely low prices. Verify the offer with the retailer involved.
6) Skype Message Scare
Be aware of a new Skype message scam that attempts to infect your machine, and even hold files for ransom. The threat appears as a Skype instant message with the scam line “Lol is this your new profile pic?”. If you click on the included link, a Trojan downloads onto your hard drive, blasts the dangerous link to all of your contacts, and can even try to extort money from some PC users to regain access to their files.
7) Bogus gift cards
Gift cards are probably the perfect choice for a lot of people on your holiday list, and cybercriminals want to get in on the action by offering bogus gift cards online. Be wary of buying gift cards from third parties; buy from the official retailer.
8) Holiday SMiShing
“SMiSishing” is phishing via text message. Since many keep a close eye on our bank accounts during the holidays, be wary of SMiShing messages that appear to come from your bank, asking you to verify information or visit a phony webpage.
9) Phony E-tailers
Phony e-commerce sites, that appear real, try to lure you into typing in your credit card number and other personal details, often by promoting great deals. It’s important to shop at trusted and well-known e-commerce sites. If you’re shopping on a site for the first time, check other users’ reviews and verify that the phone number listed on the site is legitimate.
10) Fake charities
One of the biggest scams of every holiday season is charitable giving. Criminals hope to get in on the giving by sending spam emails advertising fake charities. fooling you into thinking that they are a real charity, such as the Red Cross, with a stolen logo and copycat text, or the charity may be entirely invented.
11) Dangerous e-cards
E-Cards are a popular way to send a quick “thank you” or holiday greeting, and there are plenty of free and paid e-card sites out there. While most e-cards are safe, some are malicious and may contain spyware or viruses that download onto your computer once you click on the link to view the greeting. Others ask you to click on an attachment to view the card, and then download a Trojan onto your machine.
12) Phony classifieds
Online classified sites may be a great place to look for holiday gifts and part-time jobs, but beware of phony offers that asked for too much personal information or ask you to wire funds via Western Union.
Please visit McAfee here for additional information.