Don’t give Christmas Presents to Cyber Criminals

London, UK December 9 2011 With 73% of Brits shopping online this Christmas (source: EBAY), online criminals are taking advantage and targeting users looking for the right present*. They lure their victims to malware or phishing traps with emails claiming to offer luxury goods at bargain prices or fake delivery company notifications, for example. Criminals are usually out to get personal data such as login details to online banking sites or credit card information. G Data identifies the top 5 dangers users should be aware of when buying presents online, and offers tips on how to prevent becoming a victim of cyber crime.

“Cyber criminals target Internet users in the run-up to Christmas,” explains Eddy Willems, Security Evangelist at G Data. “They use a variety of tactics to infect unsuspecting users with malware or steal personal data such as online banking or credit card information. Users should therefore make sure they are using an effective and comprehensive security solution and closely check online shops for reliability and security.”

Top 5 dangers of Christmas shopping online

1. Emails with bait advertising
   In these emails, fraudsters promise brand name products such as luxury watches or expensive designer shoes at very low prices. The integrated links lure users either to websites infected with malware or to a fake online shop where banking and other data is stolen during an ordering process. Emails of this type can often be easily identified by their subject lines, which are along the lines of “Christmas Sale, Thousands of luxury goods for under 100”.

2. Online banking fraud
   Online banking is particularly popular with people who buy their Christmas presents online. Electronic bank transfers make it quick and easy to pay for presents ordered online. Banking Trojans are therefore becoming increasingly popular with criminals, who use them to intervene in payment transactions and divert money to their accounts. User PCs can become infected with this malware in a number of ways: for example, a user receives a fake message from a bank claiming that an online payment transaction did not work. To repeat the transaction, the bank customer is supposed to click on the integrated link, which leads to a website infected with a banking Trojan.

3. Emails from supposed delivery services
   Christmas presents that have been ordered are usually delivered by parcel services. Criminals exploit this and send fake emails with shipping confirmations and invoices. These messages might state that a parcel could not be delivered or, as was the case in a fake UPS email, a new invoice for a shipping request is available in the billing centre. This email also contains a file attachment hiding a key logger. If a user clicks on the attached file, the malware is downloaded and spies on all future key entries, e.g. login data for payment services or online banking.

4. Payment service provider emails
   The fraudsters send fake emails from payment service providers stating that the user account has been blocked due to alleged irregularities or that a payment transaction did not work. The recipient is supposed to click on the integrated link to repeat the payment or unlock the account. As with emails containing bait advertising, this leads to a fake website designed to steal user data or to a site infected with malware.

5. Fake online Christmas greetings
   Another popular strategy in the Christmas period is to send fake Christmas e-cards. These can contain file attachments with a variety of popular malware strains or a link leading to an infected website.

Eight security tips for buying Christmas presents online safely

1. Users should use a comprehensive security solution with a virus scanner, firewall, spam and real-time protection. This solution should be regularly updated with software and virus signature updates. We recommend scanning the entire computer for malware before buying presents.
2. When using online banking, users should ensure the security solution they have in place protects them against known and unknown banking Trojans.
3. Users should use updates to ensure that their operating system and installed software are always fully up-to-date.
4. Ideally all spam email should be deleted without being read. Users should not open integrated links or file attachments under any circumstances. Links to online banking sites, online shops or payment services should ideally be typed into the browser manually. In doing so, users should take particular care to avoid typos, since criminals use these to lure buyers to fake sites.
5. Users should closely inspect online shops before making a purchase. This includes reading the general terms and conditions, the legal notice, and checking shipping and any additional costs. Users can also research whether the respective online shop or vendor is known as a “black sheep”.
6. Purchases should not be made from public PCs since these are often not protected sufficiently. Public WiFis should also be avoided since cyber criminals can tap in to the data traffic on these.
7. During the payment process, users should pay attention to their browser’s security notifications to ensure that data is being transferred in encrypted form. The important things to look out for are: the padlock in the status bar or address line, the ‘https’ abbreviation before the address you entered, the green background in the address line in most modern browsers and the right top level domain being displayed.
8. Strong passwords should be used, especially with user accounts for payment services, online banking and online shops. These are generated randomly and usually consist of at least eight characters. These passwords should consist of upper and lower-case letters and special characters.