On-line shopping for Mother’s Day

May 2010 Cyber Security

Husbands and teenage children need to pay great attention to on-line transactions of all kinds

According to an independent research conducted by Dept Information System, University of Cape Town “the national economy [of South Africa] will become increasingly reliant on IT infrastructure and e-commerce for critical activities. Future growth may be hindered by the constantly evolving threat of computer crime, and thus it imperative that South African organisations are made aware of and become more knowledgeable of the origins and consequences of computer security issues, in the hope that further investment will be made into computer and information security for improvement”. This is exactly the reason why people need to understand the threats Internet poses and work with AV specialists to find ways to protect themselves and their families against cybercrime.

Unfortunately, only few of the Internet users are actually aware of the threats lurking in the Internet jungle. Here are a few examples of such dangers:

1. The web being the very next best thing when it comes to shopping for gifts, most computer users will point their browser to their favourite online store with the credit card details at hand. Credit card credentials can get into the hands of ill-meaning third parties either as the result of a successful phishing attempt or of a Trojan with keylogging capabilities having compromised the system prior to the purchase.

2. Spammers will most definitely take a chance at piggybacking on the event so as to advertise bargains that would make excellent gifts for women. These knockoffs might be pieces of jewellery, accessories, as well as sexual enhancement pills or other prescription-based drugs. Social networks are other vulnerable spots that cybercriminals choose to exploit. They might become channels for spam and phishing messages made to trick the user into willingly sharing his/her credentials most of the times without assuring ahead of the credibility of the source of the message.

Figure 1. Spam message advertising Viagra
Figure 1. Spam message advertising Viagra

3. Malware-bundled greeting cards are also expected to proliferate. They usually carry various hidden e-threats, especially variants of zBot as well as the infamous Koobface worm. All sorts of malware can reach the user 'nicely' wrapped in a spam message:

Figure 2 Malware-bundled spam message
Figure 2 Malware-bundled spam message

4. Identity theft should be yet another major concern for online shoppers while filling-in personal information in order to buy the gift of their dreams. The rules that apply here are never to visit and use an online store that promotes its services through spam mail and not to provide more personal information than it is necessary for shipping and billing.

Here are some e-safety guidelines for your online quest during Mother’s Day:

* Using a complete anti-malware solution, such as BitDefender Total Security, will solve most of these problems, as it can block spam, phishing attempts and prevent malware from infecting your computer, therefore keeping your private data safe.

* Exercise caution when you add personal data to your accounts. Keep the critical data to a safe minimum. Do not disclose important information such as social security number, date of birth, home address or phone number, before you know for sure who you are talking to.

* Pay great attention to the links you visit and do not download any content before you are absolutely sure that it comes from a trustworthy person.

* Do not check your e-banking account from public computers connected to Internet (like those in a library or Internet Café).

* If you use a wireless connection, make sure that your connection is secured and encrypted and that you know and trust the owner of the access point; also, refrain from using an unsecured public wireless connection (like those in airports or hotels) when banking over the Internet. Still, if forced to do so, use an on-screen (virtual keyboard) to enter sensitive data. Although not 100% bulletproof, this technique would guard your data from average keylogger applications.

* Make sure that the e-banking Web site uses SSL encryption (Secure Socket Layer) and security authentication methods - look for the 'https' prefix and the locked padlock. If you are requested to accept a certificate for the session, check that the name on the certificate matches the name of the institution you wish to deal with and that the certificate is signed by a known Certificate Authority such as Thawte or VeriSign before accepting.

* Avoid using a non-secured computer (like a friend's desktop or job colleague laptop). Still, if you are forced to do so, make sure you at least run BitDefender's advanced scanning on-line tool, Quick Scan, before proceeding.

For more information contact Alina Anton, senior PR & marketing coordinator, EMEA & APAC Business Unit, BitDefender, +40 212 063 470, aanton@bitdefender.com, www.bitdefender.com

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Prevention-first approach to cybersecurity
News Cyber Security
Check Point CEO, Gil Shwed, highlights the increasing importance of artificial intelligence in defending evolving networks and protecting against cyber threats at annual CPX 360 customer and partner event.

How much protection does cyber insurance really give businesses?
Cyber Security Security Services & Risk Management
If organisations don’t meet even the minimum requirements of security and data protection, insurance will do them little good. Instead, it needs to be just one part of the digital resiliency toolbox.

Introducing adaptive active adversary
Cyber Security Products
New adaptive active adversary protection; Linux malware protection enhancements; account health check capabilities; an integrated zero trust network access (ZTNA) agent for Windows and macOS devices; and improved frontline defences against advanced cyberthreats and streamline endpoint security management.

Eleven steps to an effective ransomware response checklist
Editor's Choice Cyber Security
Anyone is a viable target for ransomware attacks and should have a plan in place to deal with a worst-case scenario. Fortinet offers this ransomware attack response checklist to effectively deal with an active ransomware attack.

Blurring the lines between data management and cybersecurity
Cyber Security IT infrastructure
In the past, data management and cybersecurity would fall under separate domains, but with more organisations making the shift to the cloud, data management and data protection have merged, essentially blurring the lines between the two.

Recession? Do not skimp on cybersecurity
Cyber Security Security Services & Risk Management
While economists are studying their crystal balls, businesses have to prepare for the worst, and preparing for a recession means cutting costs and refocusing resources; however, they must ensure they do not end up creating an enormous risk.

Organisations are increasing modern data protection for cloud workloads
Cyber Security
The Veeam Cloud Protection Trends Report for 2023 identifies what is driving IT leaders to change strategies, roles and methods related to both production and protection of cloud-hosted workloads.

Cybersecurity in Africa: The challenges and solutions
Training & Education Cyber Security
Africa faces a significant challenge when it comes to the availability and distribution of cybersecurity talent and secure IT infrastructures. Facing this challenge will require supporting and nurturing the next generation of security graduates and professionals.

Zero Trust to dominate 2023
Cyber Security Access Control & Identity Management
Traditional ways of safeguarding data are no longer sufficient in 2023. Zero Trust has emerged as a more proactive way for businesses to keep their systems, data, and networks protected against compromise.

Cybersecurity in 2023
Technews Publishing Gallagher Cyber Security
What is on the cybersecurity menu in 2023? Hi-Tech Security Solutions offers two views from industry players on the risk environment and what to look out for in the cyber world in the coming year.