It’s not only consumers in the US who are ready for Black Friday.
Hackers are too!
Security experts are expecting an increase in Web-based attacks against consumers later this month.
The holiday season in general is a huge time for hackers [and] Black Friday is typically the start, says Paul Henry, vice president of strategic accounts for Secure Computing.
This year, my biggest concern for consumers is all the Web-borne malware out there.
Black Friday, the day after Thanksgiving, is followed in a few days time by Cyber Monday, so named because of the increase in web based shopping undertaken over the holiday period.
Both offer great opportunities to retailers and online fraudsters alike.
Consumers are advised to be on their guard for e-mails advertising incredible deals that seem too good to be true.
Freebies may be freebies in the sense that you get free malware, says Jamz Yaneza, a senior threat researcher at Trend Micro.
One of the more common scams at this time of year is to choose the hot toy of the season and then send out a slew of spam, offering it for a much lower than expected price. This can lead victims into entering credit card information on malicious phishing sites, designed to appear like well-known and respected ones.
In addition to fraud, such sites may also download a keylogger in order to steal personal information that people type in when making any kind of Internet transaction.
Be leery of sites being advertised [in e-mail that might be spam]. In all likelihood you’re being directed to a malware-connected site, Henry says. Do not click on URLs within e-mails even for well-known public sites.
It might say ebay.com, but you’re actually clicking on something entirely different, Henry says.
Internet fraud continues to rise with losses related in US e-commerce expected to exceed $3.6 billion in 2007. This would represent an increase of 20% from last year, according to a report by the vendor CyberSource this month. Remember that topping the search results in Google or Yahoo may not indicate that you can trust a site -operators of malicious and fraudulent sites discovered how to game the system and rise to the top of search listings a long time ago.
I’ve seen instances where the top site that is ranked actually gets there by gaming the Google search algorithm, Yaneza says.
Legitimate Web sites can be dangerous too, when hackers inject code into Web pages redirecting users to malicious sites, Yaneza says. The Dolphin Stadium Web site was attacked in this way prior to last year’s Super Bowl in Miami. Cyber Monday is thought to be a bigger day for online retailers because people return to work en masse after the Thanksgiving break and are sitting in front of office computers all day.
Yaneza’s advice for consumers is effectively simple – ensure that you installed all the latest updates and patches for your security software and Web browsers.