On-line shopping for Mother’s Day

May 2010 Information Security

Husbands and teenage children need to pay great attention to on-line transactions of all kinds

According to an independent research conducted by Dept Information System, University of Cape Town “the national economy [of South Africa] will become increasingly reliant on IT infrastructure and e-commerce for critical activities. Future growth may be hindered by the constantly evolving threat of computer crime, and thus it imperative that South African organisations are made aware of and become more knowledgeable of the origins and consequences of computer security issues, in the hope that further investment will be made into computer and information security for improvement”. This is exactly the reason why people need to understand the threats Internet poses and work with AV specialists to find ways to protect themselves and their families against cybercrime.

Unfortunately, only few of the Internet users are actually aware of the threats lurking in the Internet jungle. Here are a few examples of such dangers:

1. The web being the very next best thing when it comes to shopping for gifts, most computer users will point their browser to their favourite online store with the credit card details at hand. Credit card credentials can get into the hands of ill-meaning third parties either as the result of a successful phishing attempt or of a Trojan with keylogging capabilities having compromised the system prior to the purchase.

2. Spammers will most definitely take a chance at piggybacking on the event so as to advertise bargains that would make excellent gifts for women. These knockoffs might be pieces of jewellery, accessories, as well as sexual enhancement pills or other prescription-based drugs. Social networks are other vulnerable spots that cybercriminals choose to exploit. They might become channels for spam and phishing messages made to trick the user into willingly sharing his/her credentials most of the times without assuring ahead of the credibility of the source of the message.

Figure 1. Spam message advertising Viagra
Figure 1. Spam message advertising Viagra

3. Malware-bundled greeting cards are also expected to proliferate. They usually carry various hidden e-threats, especially variants of zBot as well as the infamous Koobface worm. All sorts of malware can reach the user 'nicely' wrapped in a spam message:

Figure 2 Malware-bundled spam message
Figure 2 Malware-bundled spam message

4. Identity theft should be yet another major concern for online shoppers while filling-in personal information in order to buy the gift of their dreams. The rules that apply here are never to visit and use an online store that promotes its services through spam mail and not to provide more personal information than it is necessary for shipping and billing.

Here are some e-safety guidelines for your online quest during Mother’s Day:

* Using a complete anti-malware solution, such as BitDefender Total Security, will solve most of these problems, as it can block spam, phishing attempts and prevent malware from infecting your computer, therefore keeping your private data safe.

* Exercise caution when you add personal data to your accounts. Keep the critical data to a safe minimum. Do not disclose important information such as social security number, date of birth, home address or phone number, before you know for sure who you are talking to.

* Pay great attention to the links you visit and do not download any content before you are absolutely sure that it comes from a trustworthy person.

* Do not check your e-banking account from public computers connected to Internet (like those in a library or Internet Café).

* If you use a wireless connection, make sure that your connection is secured and encrypted and that you know and trust the owner of the access point; also, refrain from using an unsecured public wireless connection (like those in airports or hotels) when banking over the Internet. Still, if forced to do so, use an on-screen (virtual keyboard) to enter sensitive data. Although not 100% bulletproof, this technique would guard your data from average keylogger applications.

* Make sure that the e-banking Web site uses SSL encryption (Secure Socket Layer) and security authentication methods - look for the 'https' prefix and the locked padlock. If you are requested to accept a certificate for the session, check that the name on the certificate matches the name of the institution you wish to deal with and that the certificate is signed by a known Certificate Authority such as Thawte or VeriSign before accepting.

* Avoid using a non-secured computer (like a friend's desktop or job colleague laptop). Still, if you are forced to do so, make sure you at least run BitDefender's advanced scanning on-line tool, Quick Scan, before proceeding.

For more information contact Alina Anton, senior PR & marketing coordinator, EMEA & APAC Business Unit, BitDefender, +40 212 063 470, [email protected], www.bitdefender.com





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
Upgrade your PCs to improve security
Information Security Infrastructure
Truly secure technology today must be designed to detect and address unusual activity as it happens, wherever it happens, right down to the BIOS and silicon levels.

Read more...
Open source code can also be open risk
Information Security Infrastructure
Software development has changed significantly over the years, and today, open-source code increasingly forms the foundation of modern applications, with surveys indicating that 60 – 90% of the average application's code base consists of open-source components.

Read more...
DeepSneak deception
Information Security News & Events
Kaspersky Global Research & Analysis researchers have discovered a new malicious campaign which is distributing a Trojan through a fake DeepSeek-R1 Large Language Model (LLM) app for PCs.

Read more...
SA’s strained, loadshedding-prone grid faces cyberthreats
Power Management Information Security
South Africa’s energy sector, already battered by decades of underinvestment and loadshedding, faces another escalating crisis; a wave of cyberthreats that could turn disruptions into catastrophic failures. Attacks are already happening internationally.

Read more...
Almost 50% of companies choose to pay the ransom
News & Events Information Security
This year’s Sophos State of Ransomware 2025 report found that nearly 50% of companies paid the ransom to get their data back, the second-highest rate of ransom payment for ransom demands in six years.

Read more...
Survey highlights cost of cyberdamage to industrial companies
Kaspersky Information Security News & Events
The majority of industrial organisations estimate their financial losses caused by cyberattacks to be over $1 million, while almost one in four report losses exceeding $5 million, and for some, it surpasses $10 million.

Read more...
Digital economy needs an agile approach to cybersecurity
Information Security News & Events
South Africa is the most targeted country in Africa when it comes to infostealer and ransomware attacks. Being at the forefront of the continent’s digital transformation puts South Africa in the crosshairs for sophisticated cyberattacks

Read more...
SIEM rule threat coverage validation
Information Security News & Events
New AI-detection engineering assistant from Cymulate automates SIEM rule validation for SecOps and blue teams by streamlining threat detection engineering with automated testing, control integrations and enhanced detections.

Read more...
Cybersecurity a challenge in digitalising OT
Kaspersky Information Security Industrial (Industry)
According to a study by Kaspersky and VDC Research on securing operational technology environments, the primary risks are inadequate security measures, insufficient resources allocated to OT cybersecurity, challenges surrounding regulatory compliance, and the complexities of IT/OT integration.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.