The holiday shopping season has begun. Black Friday, Cyber Monday and the online promotional sales throughout this festive season, costumers are on the hunt for the best deals. This is usually the high season for cyber security breaches when shoppers are hungry for online discounts. Cyber attackers look out for vulnerable consumers and businesses to attack that will get them the largest pay out.
Tactics employed by these criminals include:-
- PHISING SCAMS: Attackers know that during this time of year many of us are receptive to emails containing the latest sales and discounts, and may be expecting deliveries. TheÂ ransomware Â Crypto Locker has recently been spread using this trick. Never click links or attachments in unsolicited emails
- FAKE-OUTS: Fake product giveaways are another holiday tool used by cyber crooks. They especially like to offer the latest â€œhotâ€ items for the holiday. Phishers try to steal personal information by getting unsuspecting victims to fill out details on â€œentry forms.â€
- PHONY WEBSITES: Phony websites are another hazard at any time of the year, but they are more prevalent during the holiday season. They might be fake banking sites, false social network sites, or phony online shopping portals. Pay close attention to domain names and URL addresses.
- MALICIOUS ADS: Ads on legitimate web sites can also fool people. Hackers either buy ad space on real web sites, or they hack online ad systems illegally to inject fake ads. They also are getting very good at search engine optimization (SEO) tricks to get their phony web sites to show up at the top of popular searches. Before clicking ad links or following search results check the domains and URLs very carefully.
Security Tips for Online Shoppers
a.Â Â Â Avoid doing any proprietary transactions, such as banking, shopping or purchasing, on insecure wireless networks
b.Â Â Â Use strong passwords, never share them, and use different passwords for multiple web services so that if a cybercriminal hacks one account they canâ€™t gain access to other accounts
c.Â Â Â Education, awareness, and vigilance are some of the best cyber security tools
d.Â Â Â Keep your operating systems and software applications updated and patched.
Security Tips for Businesses
i.Â Â Â Â Â Â Â Implement aÂ Web Application Firewall, making sure it is maintained and monitored continuously by a security expert.
ii.Â Â Â Â Â Â Â Implement a robustÂ Intrusion Prevention SolutionÂ (IPS) to defend against cyber threats, including web exploit kit attacks, SQL injection attacks, banking Trojans, etc
iii. Â Â Institute and enforce a centralized plan for keeping your computer applications, operating systems and security software updated. Make sure servers and workstations are fully patched promptly and regularly.
iv.Â Â Â Â Â Â Â Do Vulnerability Assessment and Penetration Testing (VAPT) regularly to detect and patch any vulnerability.
v.Â Â Â Â Â Â Â Enforce policies that are in line with your security needs.
The fight against cybercrime is challenging, and sharing knowledge about cyber threats and incidents is essential. Just remember to staying vigilant is critically important and will go a long way to ensuring that youÂ avoid cyber threats this season. The best security solution is only as good as the people behind it.