As shoppers face short supplies and shipping delays, the final days of the holiday season can often be the most dangerous. In an effort to purchase gifts in time, many consumers are willing to compromise and interact with untrusted sources.
With experience in identifying and analyzing the entire cyberthreat landscape, Cisco Talos shares its advice for consumers to stay secure during the remainder of the festive period and beyond.
Common Tactics by Cybercriminals and Recommendations from Cisco Talos
Emails, URLs and Pop-ups
Internet users should avoid clicking on links in unsolicited emails, and should consider whether they previously subscribed to any marketing emails from the retailer before opening them. Many cybercriminals masquerade as common local and international retailers in emails that appear to come from those brands. Users should watch out for unusual use of language, hover over the sender to read the full email address and manually type the website name into a browser rather than just clicking a link.
As a standard practice, ad blockers should be installed on every Internet browser across all devices. These help deflect malicious advertising campaigns that aim to capitalize on shoppers looking for deals.
Promotions, Giveaways and Acting on Impulse
Phishing scams via email typically advertise a brand name and merchandise, offering unheard-of bargain prices. In some cases, they sell counterfeit goods, while in others, the consequences can be more serious.
Cybercriminals prey on people looking for a good deal during the festive season, often promoting ‘one-day only’ and ‘last minute’ sales. Fraudsters use this approach to encourage shoppers to act impulsively so as not to miss out on an opportunity. Increasingly, this tactic is also being deployed via social media advertisements.
Users may also receive emails and direct messages about giveaways and contests that they never entered but have somehow won. Internet users must always evaluate the likelihood of a situation, and whether there is potential that they are being led astray.
Popular Applications
Some malicious apps will try to masquerade as a legitimate version of the one that the user is searching for. Signs of these apps include poor spelling and grammar in app descriptions and interfaces, poor performance and a developer contact that uses a free email service (such as @gmail.com).
Users should only download apps from trusted and official app stores like the Google Play store and iOS App Store. They should also look out for apps which ask for suspicious permissions, such as access to text messages, contacts, stored passwords and administrative features.
Additional Layers of Protections
Where possible, users should try to use payment services such as Google Pay, Samsung Pay and Apple Pay. These services use tokenization instead of the “Primary Account Number” (credit card number), making transactions more secure.
Although seemingly obvious, users must also use complex passwords that are unique to each site. In many instances, the same passwords are used across multiple platforms, increasing the likelihood of cyberthreats. Attackers commonly reuse passwords to compromise multiple accounts with the same username.
Consumers can also benefit from utilizing multi-factor authentication tools, such as Cisco Duo, to log into their email accounts securely and avoid unauthorized access.