Cloud Communications

You're Most Likely Affected by These Holiday Shopping Scams - Unless You Already Have Been

By Madhubanti Rudra TMCnet Contributor

As holiday shoppers continue to busily shop online to spread good cheer through the retail industry, cyber criminals are similarly laying out cookies and milk for them in the form of malware across the Web. Think you may not be affected by these desperate ploys? Think again.

Last week, Staples (News - Alert) revealed a survey revealing 48 percent of its participants to complete their holiday shopping and shipping smack dab in the middle of the season’s chaos, or worse, at the last minute possible. You just may represent this steep number of classic last-minute shoppers – whether online or in store – but that doesn’t mean you have to fall prey to scammers.

For the enlightenment of holiday shoppers everywhere who are scrambling to find the perfect gifts for loved ones as well as are searching for shipment options, GFI Software released its latest VIPRE report, a list of malware campaigns that used fake credit card and shipping notifications to victimize unassuming holiday shoppers – or perhaps the ones who are so overwhelmed by putting it all off to the last minute.

According to the VIPRE Report for November 2012, since Black Friday (News - Alert), online shoppers have encountered innumerable malicious attacks.  Sometimes, malicious links were delivered in the form of credit card notification; sometimes, attackers used the brand names of top shipping companies to launch the assault. Even worse, consumers were baffled by a phony Twitter Video application via Facebook (News - Alert), proving that aggressors are willing to go to any level necessary for their deviant cause. Specifically, mobile malware was disguised as the latest Angry Birds game.

You may shrug this off, but consider the fact that in an Angry Birds Addiction Infograph (yes, such a thing actually exists), the wildly popular game has been downloaded over 300 million times since its debut in 2009, averaging to about 100 million downloads per year. Even more, people play 200 million minutes of the game per day – equivalent to 16 years of game play every hour of every day.

Senior threat researcher at GFI Software Christopher Boyd cautioned buyers against cybercriminals, who take advantage of such online buyers who are bogged down by the stresses of last-minute gift buying and finding the right shipment option. Simply by double checking the source of e-mail messages and confirming the destination of links before clicking, online shoppers can outsmart these cyber cons, Boyd elaborated in a statement.

“One unfortunate reality about the holiday season is that while many people choose to spread good cheer, Internet users can also count on cybercriminals to spread malware. They prey on the stresses of last-minute gift buying, hoping to distract consumers from being cautious with their personal information online,” Boyd explained. “Cybercriminals have a large pool of potential victims at this time of year as more and more people flock to online shops to buy holiday gifts and ship them with their favorite package delivery company. No matter how crazy the season gets, users need to remember to practice the same good habits such as double checking the source of email messages and confirming the destination of links before clicking.”

The examples cited in the VIPRE Report speak of high level of ingenuity of today’s cyber criminals.

One cybercrime campaign delivered fake DHL Express delivery notifications to users' inboxes, claiming that DHL was unable to make a delivery to the victims' addresses and that they needed to go to their local DHL office to present a postal receipt and claim the package. Users attempting to print their receipt were redirected to a number of websites leading to a phony antivirus program which infected users' machines, blocked other applications from running, caused pop-ups and redirected victims to messages designed to scare them into purchasing the fake antivirus software.

In another malware campaign, international shipping brand UPS’ name was also used to trick consumers into clicking on malicious links.

Recently, GFI Software announced the availability of its GFI FaxMaker 2013, an expanded and improved version of the company’s award-winning network fax server software.

To explore all of GFI’s offerings, visit www.GFI.com.

Want to learn more about cloud computing solutions geared specifically towards small to medium-sized businesses?  Don’t miss the Cloud4SMB Expo, collocated with ITEXPO Miami 2013, Jan 29- Feb. 1 in Miami, Florida.  Stay in touch with everything happening at Cloud4SMB Expo. Follow us on Twitter.

View More