The National Retail Federation predicts that 56.5 percent of American consumers will shop online this holiday season, and Adobe predicts they will spend over $90 billion. Online retailers are getting ready to feast.
So are online criminals.
Internet security company Enigma Software reports that malware infections in the month before Christmas have increased steadily for the past two years and they see no reason why the trend won’t continue this year.
Enigma gathered data on malware infections detected by their SpyHunter malware detection and removal program. They compared the average number of daily infections from mid-October to mid-November to the average from Thanksgiving to Christmas Eve and found a 42 percent increase during the month between the holidays in 2014 and an 82 percent increase in 2015. Some cities such as Chicago, Boston and New Orleans saw increases of over 100 percent, and Nashville, the hardest hit city in the US, saw a 175 percent increase in malware infections during the month before Christmas
How they get you
Consumers rate email from retailers as the best source for finding out about shopping deals during the holidays according to the Adobe report. When asked specifically about the best way to get offers on their mobile devices, 40 percent of consumers preferred email from retailers. This was more than twice as many as those who preferred text messaging which came in second at 19 percent.
Cyber criminals take advantage of consumer’s reliance on email as their preferred source for information about online bargains. Enigma reports that fake email from retailers is the favored approach of malware purveyors hoping to steal your personal, credit card or banking information or lock up your computer or mobile device with a ransomware demand.
Fake holiday email often takes the form of special low-price offers or notices from a retailer that there was a problem with a recent order. If the phony email was designed and built with skill, it will be a very good facsimile that is difficult to distinguish from a legitimate email from the retailer. The malicious email will invite you to click a link to buy at the bargain price or solve the problem. Clicking the link installs malware on your system.
Another scam run by cyber criminals involves using bogus or hijacked social media accounts that contain links to malware. Twitter is especially good for this because tweets are usually filled with links. Facebook is another popular social media platform used by cyber criminals to catch unwary shoppers.
How you can protect yourself
You can protect yourself from these scams by following standard email and website security practices.
Never click on a link in an email from a retailer. Never. If the email is from a website you’ve never heard of and the prices being offered seem too good to be true, don’t click on anything and delete the email tout de suite. If the email is from a retailer you know or have shopped at, go to their website directly without clicking on any links in the email you received. If the email was legitimate you will be able to find the sale price or find out what happened with your order.
Never click on a link in any message you receive through a social media website like Twitter or Facebook. If it looks like the message came from a friend, email them directly and ask if they sent it.
If you visit a website that asks you to install software that will allow you to purchase things from them at bargain prices, don’t do it. If you want the item they’re offering, pay more for it from a website you know is reliable.
Make sure your security software is up to date and you have reliable anti-malware software installed on all of your devices.
All of these security practices should be followed throughout the year but it’s especially important during the holiday shopping season when cyber criminals increase their attempts to infect your systems with malware. It’s easy to get caught up in the frenzy of searching online for the best deal or trying to fill your shopping list at the last minute. The cyber criminals know this and they ramp up their scams the closer it gets to Christmas. Enigma reports that in both 2014 and 2015 the days that saw the most malware infections came two weeks after Cyber Monday. People are desperate to get their online orders placed with enough time to ensure delivery before Christmas. Harried, stressed and in a hurry, they click a link without thinking and their holiday turns into a nightmare.
Be careful, be smart and don’t let it happen to you.