While it may be the season of good cheer and good tidings, Christmas and New Year are also the busiest times of the year for online spammers and scamsters.
The twisted logic of Internet skullduggery peaks around the end of the year, as shopping and gift sites see increasing online traffic. “This (season) gives cybercrime players such as spammers and phishers the perfect occasion to make merry with their tricks and techniques,” said Shantanu Ghosh, vice-president of India product operations at Symantec Corp., a US-based technology security firm and developers of the Norton Antivirus in an email interview.
The end of the year sees a spur in online shopping for gifts, and with it, a surge in spam and online scams.
An Associated Chambers of Commerce and Industry of India (Assocham) report released during Diwali had said that at least 300,000 consumers use the Internet for e-shopping. “These figures are expected to shoot up further for Christmas gifts as the threat in the ‘brick and mortar’ stores may force more Indians to look at e-shopping,” said Ghosh.
All of which makes the perfect backdrop for pulling a scam on the world wide web. And Internet security firms (such as Symantec) work overtime to identify, circumvent and inform consumers of the dangers lurking online.
Security firm McAfee Inc., for example, released the ominously titled 12 Scams of Christmas report last week, which, it says, “shows how common scams can take the happy out of the holidays”.
Among it’s myriad warnings, the report cautions against “charity phishing” scams—fictitious emails apparently sent by charitable organizations that are actually link to scam sites. Another common technique is banking scams, where an official looking email is sent from what seems to be your bank, asking for sensitive account information, when, in reality, it merely redirects you to a scam site. A quick way to spot these phishing mails, McAfee says, is to check the site from which they were sent, by clicking the “more details” button at the top of the email, and verifying that it is indeed the official site of your bank or charitable institution.
Spam, or junk email, is also at its gleeful best this time of year. Security firm Symantec, in its monthly Spam Report has asked consumers to “watch out for holiday-themed spam”, with common email titles including: Gifts for Christmas, Holiday Luxury Gifts, Most Affordable Gifts, Low Christmas Pricing, etc. Some spam may also be disguised, McAfee’s report warns, as e-greeting cards, whose sites sometimes download trojans, or malicious code, on to your computer. “The use of Santa Claus has also proven to be effective bait for children and adults alike,” said Ghosh.
But all is not dark and dangerous online. A few simple precautions, says Parry Aftab, online safety expert and Internet security advisor for McAfee, can help you steer away from most threats.
Browsers need to be frequently updated to protect against vulnerabilities.
“Be sure to read the fine print at any online shopping site, and use good security tools [such as the free Spybot (www.spybot.com) or Internet security tools from Symantec and Mcafee] to keep your credit card and banking information tucked away safely,” he says. “And don’t leave your credit card number stored on your computer where someone else can access it.”
Also, says Symantec’s report, always use the latest version of your browser—be it Firefox, Chrome or Internet Explorer, and download all the latest security updates. Browsers are frequently updated to protect against vulnerabilities, and an outdated browser could be open to attacks. Do not open what appears to be a spam email, and if you’re suspicious, do a quick search on either Symantec’s website at Symantec.com/norton (which has a real-time “Threat Explorer”) or McAfee’s threat centre at their website Mcafee.com.