PandaLabs is advising holiday shoppers to be extra wary when shopping online this holiday season. As in past years, cyber criminals have launched a war on the season through a multitude of holiday-themed scareware, spam and Blackhat SEO attacks.
To stay safe, PandaLabs suggests holiday shoppers adhere to the following guidelines this Friday and Monday, and throughout the holiday shopping season:
Avoid using search engines for locating special holiday deals. Criminals commonly turn to Blackhat SEO, which involves maliciously using search engine optimization around hot keywords to poison search engine results. Instead of using a search engine, go directly to reputable sites that you are familiar with.
Don’t click on embedded links in advertisement e-mails. E-mails that appear to be advertisements from legitimate vendors could be a well-disguised scam or malware attack. Chances are you’ll be able to find the same deal by going directly to the website in your favorite web browser.
Install all available operating system updates and patches. Criminals are particularly skilled at exploiting critical vulnerabilities in operating systems and commonly used applications. Computer users are often silently redirected to a website with a carefully crafted malicious payload that leaves the computer infected with data-stealing malware or extortion-based threats. In addition to updating your system, update Adobe Flash, Adobe Reader, and Java software, which are all commonly targeted by cyber criminals.
Don’t underestimate criminals. Cyber criminals have no limits, and will create fake advertisements, shopping carts, poison various search terms and more in order to infect your computer and steal your personal data. If you’re unsure if a site is legitimate, run a search online to see if you can determine whether it’s widely known. If you can’t find details on a retailer, take your business elsewhere.
Only purchase from sites that offer secure browsing (SSL/https). You can tell if a site uses SSL/https if there is a padlock icon on the bottom corner or in the address bar of your browser. Some browsers like Internet Explorer and Chrome turn the address bar green to indicate that the site is secure. Even if a site uses SSL/https, remember that SSL only works to create a secure Internet tunnel between you and the e-commerce server. You can still transmit sensitive data over to cyber criminals, so it’s best to run frequent anti-malware scans.
Always use updated anti-malware protection. Despite growing awareness of today’s Web-borne threats, many people still don’t use even a basic anti-virus solution and leave themselves vulnerable to infections, data loss and identity theft.