Lavasoft News - December S2006

’Tis the Season to…Get Scammed

Like millions of others, Dawn Karlsson in Gothenburg, Sweden, regularly makes online purchases with her credit card, but this holiday season she will be stepping foot in the stores instead.

Karlsson’s credit card details were stolen, she thinks, via a so-called "safe" retail website. An investigation is ongoing to find out how thousands of Swedish kronor were racked up on her card in Spain.

"I have lost total faith in online purchases and will not be giving my card number out to anyone online again," Karlsson told Lavasoft News.

With an updated system, especially anti-spyware software and a firewall, shoppers like Karlsson are much better prepared to tackle the season's malware challenges. Still, shoppers everywhere are being urged to be extra vigilant this month as cyber criminals gear up to launch organized, large-scale attacks. And it is a big group for these hackers to sink their teeth into.

Consumer Reports predicts that a record 50 per cent of all shoppers will use the web for at least one purchase this holiday season. More than 100 million Americans alone are expected to get their gifts online in 2006.

"Identity fraud picks up during the holidays because that's when the credit-card companies have to turn off their monitoring software that flags suspicious transactions," said Todd Davis, an IT-theft prevention expert at LifeLock Inc. "There are still some triggers the software will catch, but the companies cut it way back - otherwise the system would crash, because there are so many transactions during the holidays."

The holiday shopping season provides the perfect scenario for hackers to use spyware, keyloggers and phishing techniques to steal passwords and private information from shoppers. Fake websites that impersonate real companies or offer fake products and services are a popular choice to lure victims this year.

Here is how to avoid being a victim:

  1. Be prepared. Make sure your PC is free from any viruses or spyware before you make an online transaction, and as you’ll see in this month’s Tech Tips, it is wise to have the latest security updates from Microsoft (assuming you have a Windows machine).


  2. Do your research. The smartest shoppers will stick to mainstream retailers or well-established e-tailers, but you can always look up unfamiliar sites at the Better Business Bureau (www.bbbonline.org), www.bizrate.com, or www.shopping.com to check the company’s ratings.


  3. Know your options. Your regular credit card is not the only method of payment available out there. There are credit “gift” cards that can be bought at many banks and retail outlets in which you specify the amount you want on it, use it once and then throw it away. Paypal is also an option, but there are many phishing scams out there right now using fake Paypal pages, so be careful.


  4. Security is key. Look for signs that your online purchases are secure. When providing your payment details, the URL should change from http to shttp or https, indicating the information is being encrypted. Your browser might also indicate a key turning or padlock closing, which means the site is secure.


  5. Use your common sense.

Safe shopping!

 

Home  arrow

 
Quick Buy: Ad-Aware SE Plus, Professional & Enterprise *offer ends 31/12/2006
In the spirit of giving this holiday season Lavasoft is giving you 15% off all Ad-Aware SE products – Plus, Professional and Enterprise – the entire month of December. Take advantage of this merry deal and keep yourself and your loved ones spyware free!

* Please enter the following coupon code to retain your rebate: zz46tv12x8c

Holiday Shopping Stats
American consumers will spend more than $32 billion in holiday Internet purchases this year.
Source: Jupiter Research

As many as 12 million people could fall prey to ID theft in some form – 40% of them between mid-Nov. and Jan.1.
Source: LifeLock Inc.

Trojan horse

Term of the Month
A zero-day attack is a virus or other exploit that takes advantage of a newly discovered hole in a program before the developer has made the fix available, or sometimes even before they are aware the hole exists. "Zero-day" is the day you open the virus-infected e-mail or get hit by a drive-by download because the anti-virus or anti-spyware software you keep up-to-date knew nothing of the attacks.
Read more at Wikipedia here.

Tech Tips
Attention Windows Users: If Microsoft Windows is your main operating system, be sure to visit Microsoft Security Updates and stay on top of all of the security patches that Microsoft releases on a monthly basis. Ongoing Microsoft vulnerabilities underscore the need to:

1) Regularly update your operating system with the latest patches, and

2) Maintain active virus, hacker, spyware and other identity theft protection.

Lavasoft AB
Lilla Bommen 1
411 04 Gothenburg
Sweden

www.lavasoft.com
editor@lavasoft.com

Page footer