Thursday, December 5, 2013

Dos and don'ts to dodge cybergrinches

Once you're done with turkey and pumpkin pie, prepare yourself for an onslaught of tainted web links and viral attachments, deployed by cybergrinches to take control of your computing device.

These malicious digital gifts will come at you in e-mail, social media postings and search results -- decorated like greeting cards, coupons, shipping documents and other innocuous bits of info. Dr. Brett Stone-Gross, researcher at Dell SecureWorks, supplied CyberTruth with these dozen tips for making it harder for the bad guys to spoil your holiday good cheer.

Be wary of holiday gift cards, holiday coupon offers, holiday cards, photos, etc. sent via e-mail. These often contain malicious links that lead to downloads of info-stealing Trojans, or are attempts by hackers to scam you out of your bank account information.

Type the actual Web site address of the retailer you want to visit into your browser. Do not follow links provided by e-mail offers or pop-up ads. Many times these are fraudulent sites made to look like the legitimate retail sites.

Avoid using debit cards for online purchases when possible, so as to limit your personal exposure to any fraudulent transactions. Use a credit card that limits your fraud liability.

Always look at your Web browser for the https (as opposed to http) protocol that precedes a Web address. The "s" lets you know that the Web site is providing a layer of security for transmitting your personal information over the Internet.

Be wary of unsolicited e-mails, even from senders that you know, that include links or attachments. Before clicking on links or attachments, try to verify the authenticity with the sender.

This is a faked shipping document carrying a link that turns control over to the Cutwail botnet. (Photo: Dell SecureWorks)

Be especially cautious of clicking on links posted on social networking and microblogging sites. Shortened URLs make it easier to share, tweet or email links, but they also create a security threat, as it is easy to disguise the destination of malicious links.

Ensure that your browser, browser plug-ins, anti-virus, and other software are patched and up-to-date. Patch management is key. It is critical that you install updates for your applications and for your computer's operating system as soon as they become available.

Use a dedicated computer for any online banking and bill paying. That computer or virtualized desktop should not be used to send and receive emails or surf the web, since Web exploits and malicious e-mail are two of the key malware infection vectors.

Reconcile your banking statements on a regular basis with online banking and/or credit card activity to identify potential anomalous transactions that may indicate account takeover.

Be cautious about installing software (especially software that is too good to be true, e.g., download accelerators, spyware removal tools), and be conscious of pop-ups from websites asking users to download, execute or run otherwise privileged operations. Often this free software and these pop-ups have malware embedded.

Be wary of e-mails notifying you that your banking certificate or token is out of date and asking you to download a new certificate or token. Before taking any action, verify with your financial institution by calling them on a number that is not provided in the email.

Avoid using weak or default passwords.
