Identity Thieves LOVE the Holidays
The holiday season is an exciting time for consumers, and even more exciting for identity thieves. Criminals know that good cybersecurity practices are often put on the back burner when consumers are shopping for the perfect holiday gift.
Fraudsters rely on you to “click before you think” when browsing the hoard of online discounts and holiday sales. Without the proper preventative measures put in place, the holidays can leave you extremely vulnerable to various identity crime tactics and scams.
Prime Time for Cyber Crime
It’s no secret that the holidays are also prime time for cybercriminals. Research confirms what identity thieves already assume: 92 percent of consumers prefer to shop online.
However, trends have historically shown spikes in cybercrime during the holiday months. Enigma Software’s 2015 report showed a 76 percent spike in malware infections just on Cyber Monday.
Additionally, the Anti-Phishing Working Group’s (APWG) noted that phishing attacks significantly increased between October and December 2016. The organization reported 51,153 phishing emails in October, 64,324 in November, and an even more significant spike in December with nearly 96,000 reported attacks.
Why We Keep Falling for Online Scams
Fraudsters typically use two common methods to target consumers for their personal and financial data online. Let’s explore how emails, malware and spoofed websites can be used for a variety of holiday scams.
Spoofed websites – also sometimes called phishing sites – are extremely common during the holiday season. In fact, the APWG found 119,000 unique phishing sites impersonating over 300 different brands in November 2016.
Criminals set up fake websites to steal your personal information. These sites will often replicate well-known companies like Target, Amazon or Walmart to further convince you of their legitimacy. In short, criminals hope that you trust the site enough to provide sensitive information like Social Security numbers, credit and debit card information and other personal data.
You may visit a page that visually looks familiar. But spoofed websites will have URL links that do not align with a company’s official website. While some may be easy to spot, more sophisticated criminals can create URLs that closely mirror legitimate sites. Because of the fast-paced nature of holiday shopping, criminals hope you’re too fixated on that too-good-to-be-true deal than notice whether the site is legitimate.
Phishing and Spam Emails
Phishing emails go hand-in-hand with spoofed websites, also aiming to impersonate well-known companies that are familiar to you. Spam emails can also contain harmful software, or malware, disguised as links or attachments within the email itself.
What is Malware?
Malware can pose a major risk to the sensitive data you store and share on your devices. There are many types of malware that carry out a variety of functions. One type of malware referred to as a “Trojan” will disguise itself as a legitimate file like Word documents and images.
A “virus,” on the other hand works to infect the existing files to cause damage to your device. A third type of malware, known as “spyware,” can track your keystrokes and other user behaviors to capture sensitive information like login credentials, financial account numbers and more.
Related content: The Need for Anti-Malware Protection This Holiday Season
Holiday 2017 ID Protection Tips
It would be difficult to avoid the Internet altogether during the holiday season – especially when gift shopping is much more convenient online. Use these tips to help secure your identity for the upcoming holiday season:
- Avoid downloading or “redeeming” coupons, promotional or discount codes from emails and pop-ups. These are often used to convince you to click or download malicious software to your device.
- Keep an eye on your financial accounts, bank statements and credit activity, and report any suspicious activity as soon as possible.
- Be wary of deals you find on social media websites or search engines. Sophisticated cybercriminals can manipulate spoofed sites to show up in search engine results or social media ads.
- Double check deals on the company’s official website to determine if coupons or promo discounts are legitimate. If the deals don’t match, it’s more than likely a phishing or spam email.
- As always, never provide login, personal or financial information on unsecured sites. Look for “https://” at the beginning of the web address and the green lock next to it to ensure you’re visiting a secured site.
- Use anti-malware or anti-virus software, and be sure that it is properly installed and updated regularly.
The views and opinions expressed in this article are those of EZShield Inc. alone and do not necessarily reflect the opinions of any other person or entity, including specifically any person or entity affiliated with the distribution or display of this content.