Skip Links

Network World

  • Social Web 
  • Email 
  • Close

Hackers poised for Black Friday assault

Holiday shoppers will fall prey to Web-based attacks, experts say
By Jon Brodkin , Network World , 11/19/2007
  • Share/Email
  • Comment
  • Print

You know retailers are ready for Black Friday – but so are hackers poised to launch a slew of Web-based attacks against consumers. Your money and personal information could be at risk.

“The holiday season in general is a huge time for hackers … [and] Black Friday is typically the start,” says Paul Henry, vice president of strategic accounts for Secure Computing. “This year, my biggest concern for consumers is all the Web-borne malware out there.”

Black Friday, the day after Thanksgiving, is followed in marketing lingo by Cyber Monday. Both are big days for retailers and online fraudsters. Consumers should watch out for e-mails advertising incredible deals that seem too good to be true.

“Freebies may be freebies in the sense that you get free malware,” says Jamz Yaneza, a senior threat researcher at Trend Micro

A common scam is to pick the hot toy of the season and send out a spam e-mail blast offering it for much less than the typical price, Henry says. Victims end up entering credit card information on malicious sites designed to look like well-known, trusted ones. They might also unknowingly download a keylogger that can steal personal information people type in when making any kind of Internet transaction.

“Be leery of sites being advertised [in e-mail that might be spam]. In all likelihood you’re being directed to a malware-connected site,” Henry says. “Do not click on URLs within e-mails even for well-known public sites.”

In an HTML e-mail, it’s a trivial task for hackers to hide the real URL a victim is clicking on.

“It might say ‘ebay.com,’ but you’re actually clicking on something entirely different,” Henry says.

Online fraudsters have been busy this year. Fraud losses related to U.S. e-commerce will top $3.6 billion in 2007, up 20% from last year, according to a report by the vendor CyberSource this month. The increase in dollar loss is due mostly to growing e-commerce sales, as the percentage of transactions that are fraudulent has held steady.

The run-up to Christmas and tax filing season are the two most dangerous times of the year for online shoppers, Yaneza says.

In addition to being wary of e-mails, be careful when searching for holiday deals or specific products on Google and other search engines. Operators of malicious sites have figured out ways to rise to the top of search listings.

  • Share/Email
  • Comment
  • Print
Partner Content

Brilliantly simple security and control solutions for email, web and endpoint

www.sophos.com

Stopping data leakage

Learn how to exploit your current security investment to control the information that flows into, through and out of your network.

Download the white paper.

Why detection rates aren't enough

Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.

Download the white paper.

Applications: taking back control

Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.

Learn more today.

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed
Get instant email notification when white papers, webcasts, executive guides are added to our library. Stay informed and up-to-date with the latest on IT Technologies with Network World's Resource Alerts.
Network World,to go. Wherever you are. Breaking news delivered to your mobile device. Select the hottest topics in networking and start receiving Network World on your mobile device today.