Holiday eSafety Tips

Another year is almost gone and it seems that time is accelerated when December begins. Before you know it you’ll be out of time for shopping in time to get gifts delivered for winter holidays. Even though you may feel rushed, it is important to stay attentive when you are online.

I expect that there will be a surge in phishing attacks designed to take advantage of the panic factor. You get an email that says something to the effect that there is suspicious activity on your account or that your account will be closed if you don’t update your information, and so on. It may be a PayPal account, a bank account, a credit card account, or even an email account. You panic… I can’t have that account closed now, I have to shop, shop, shop!!!

Stop, Stop, Stop!!! Do not click on that link in the email. Do not send your name and password. These are all phishing attacks. If the email was legitimate you could simply type www.paypal.com or www.amex.com, or whatever it is into your browser and log into your account there to see if there is a problem. You can call your bank.

If you use PayPal you might want to check out their security center and take their phishing test at https://www.paypal.com/fightphishing. They even get four out of 5 answers correct. They incorrectly asserted that “Phishing is a form of fraud designed specifically to steal your identity.” Phishing can be about identity theft, but contrary to their claims, it isn’t always about identity theft… sometimes the crook just wants your money or your online gaming account, etc. The other four questions in the quiz you should be able to get right, and if you don’t, then you need the education!

It is best never to use a link in email to access your PayPal account, even though PayPal ignorantly does include links in their legitimate emails, never use a link in an email about your PayPal account. It is a really simple rule to follow and keeps you from clicking on the links in PayPal phishing attacks as well.

Are you having problems finding some special item? All of the sudden some web site says they have limited stock for what you are looking for, but you have never heard of this web site before. Perhaps it is even at a “too good to be true” price! Do a little research. Try typing in the name of the company with the word scam and the word complaint in a Google search. For example:

http://www.cambridgewhoswho.com scam complaint

Look at see what comes up. It is even better if you know somebody who has had good results with a merchant. There are going a lot of bogus websites trying to steal your money.

Beware of your search results. If you are searching for the “Nerf N-Strike Stampede Blaster” the bad guys know it and are trying to make sure that their evil web pages come up in your search results. Pay attention to the web site you are going to. If you see something that says you need to install software or update software, get out of there. Do not click on anything on that web page and close your browser right away. If you land on a web page and it starts “scanning your computer” it is a hoax. Close your browser immediately.

Stay calm, stay safe, and have a happy holiday season!

Randy Abrams
Director of Technical Education
Cyber Threat Analysis Center – ESET LLC

Author ESET Research, ESET

  • Katherine Moss

    But the browser closing trick doesn’t always work since I got onto a weird site once (not necessarily bad), it was just making Firefox act weird, and then I tried to get away from it, and instead of returning me to bing after I ended the Firefox process from Task Manager, the site just came back up again. There has to be some kind of alternative prevention measure to take care of those kinds of things, right?

  • Pat Conway

    Why does ESET include URLs in their email.  In the latest email I read  "Here's how you can protect yourself. " but how do I know that the URL is legit.  I did a blog search and couid not find the article's  subject "Cybercriminals Don't Take a Holiday"  Please give us some way of reading your blogs with out havong to risk following a bad link.

    Thank you.

    Pat

    • Randy Abrams

      Wow, I couldn’t find it either. I’m not sure what email you read, but you can always go to blog.eset.com to read our blogs.

  • Jessica

    I would add, that in addition to phishing scams, malware authors will also take advantage of the holiday season. I remember in holidays past that many worms made their debut in December. Most were distributed via email in the form of an infected attachment. The email's subject employs social networking schemes to intice, such as "Blabla has sent you a holiday eCard".

  • Carol Brower

    Dear Randy,

    Thanks for the holiday warnings. I will try to foil all of the bad guys and develop a truly suspicious attitude to the Internet.

    Have a happy holiday yourself!

    Carol

  • Carol Brower

    Dear Randy, Thanks for the holiday warnings. . Have a happy holiday yourself!
    Carol

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

2 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.