Wednesday, December 16, 2009

Great Cyber Security Advice for the Holiday Season and the 12 Scams of Christmas: Part 2

Here is a list of the dozen most-common cyber-scams perpetrated during the holidays, according to McAfee Labs, makers of the McAfee computer security software suites:

Phishing schemes. Playing off recipients' Christmas-time impulses, e-mails are sent that appear to be from legitimate charities. They actually lead victims to Web sites that not only steal donations, but glean credit card data and identities.

Fake invoices. Bogus invoices and delivery notifications appearing to be from Federal Express, UPS or the U.S. Customs Service arrive, seeking credit card details and installing malware on recipients' computers.

A scammer "Wants to be Your Friend". These messages look like real "New Friend Request" from social networking sites, but clicking on these e-mails may install malware on computers that steals your personal information.

E-cards. A holiday e-card arrives promoting some socially- or environmentally-conscious cause. They can spoof such corporations as Hallmark, McDonald's, Coca-Cola , etc. The attachments, however, could lead you into trouble.

You've won a chance to buy expensive, brand-name jewelry! You could end up paying a much higher price, however, when clicking on such deals installs data-mining software on your PC.

Practice safe shopping; cyber-thieves are watching. Using public Wi-Fi hot spots, or from a public computer with an open network connection is inviting trouble. Hackers routinely spy on users in such scenarios.

Risky holiday searches. One of holiday hackers' favorite schemes is to create Web sites specific to the season offering ringtones, screensavers, PC wallpaper and Christmas carol lyrics. However, downloading such offerings poses the risk of unknowingly installing spyware, adware or malware on your computer.

Job-related scams. Risks associated with these schemes are particularly pronounced this year, with unemployment topping 10 percent. Promises of high-paying jobs or work-from-home opportunities ensnare the unaware into paying so-called "set up" fees; not only does the victim lose money, but personal information also is compromised.

Auction site fraud. Scammers may lurk on auction sites offering deals that appear just too good to be true for products that actually are too good to be true; money is transferred but the items are never delivered.

Purloined passwords. By tricking victims into logging on to bogus sites or filling out fake forms, thieves gain access to private passwords. A twist on this scheme is offering downloads of games or programs that secretly install "keylogging" malware on computers that record passwords for banking and credit card accounts.

E-mail banking scams. Tricking victims into revealing bank account details through official-looking e-mails warning of accounts due to be suspended or cancelled allows cyber-thieves to harvest information that often then is sold to criminals on the Internet black market.

Pay up: We've got your files. In some cases, once personal identities and financial data are captured, hackers may encrypt them -- in effect holding the information hostage until the victim makes payment.



Search This Blog

Who am I?

I am a law enforcement professional with over 35 years experience in both sworn and civilian positions. I have service in 3 different countries in both the northern and southern hemispheres.

My principal areas of expertise are: (1) Intelligence, (2) Training and Development, (3) Knowledge Management, and (4) Administration/Supervision.

  © Blogger templates The Professional Template by 2008

Back to TOP