November 11, 2020
Beware of cyber-attacks during the shopping holidays
Cyber criminals often take advantage of the annual shopping holiday season, where almost all local and international stores advertise their products with significant discounts.
Israel’s National Cyber Security Authority reported that during this past week, over 50 new international websites posing as Amazon, and 15 websites posing as E-Bay were launched with the purpose of stealing innocent shoppers’ credit card details.
Also, they reported approximately 70 imposter websites that either target Israelis or were visited by Israelis. This annual sales period is often characterized by an increase in imposter websites, as well as in phishing attempts. This year, the danger is more vivid in light of the increase in online shopping and transactions due to the Covid-19.
Although the methods used by these cyber criminals are the same as the methods used throughout the year, the holiday shopping season poses larger risks of falling a victim to these attacks due to the natural increase in online transactions and in advertisements of sales through emails, links in Facebook groups, and potentially harmful apps.
What to look out for?
- Unusual sales and discounts – a known brand offered for a significantly lower discount price through an unfamiliar website;
- Suspicious websites posing as the real ones, requesting the user to enter details in order to enjoy a coupon – carefully examine the letters, their order and the entire address in the link.
- A request to provide personal information such as an ID number. Personal information that includes an ID number is considered very valuable and can be sold by cyber criminals to the highest bidder. Also, beware of entering personal email or social media account information, as these can be used to log into various other websites.
How to protect yourself?
- Enable two-factor authentication;
- Google the name of the website before making a purchase. Search for reviews and recommendations;
- Log in to the website by yourself, avoid the use of links;
- Avoid using credit cards, prefer PayPal and similar more secure payment methods;
- Make sure the address of the website begins with ‘HTTPS’ with a closed lock symbol; more experienced users can check the validation of the SSL certificate in the lock.
- Examine the logo of the website. Check for changes in a single letter, for example, Paypel instead of Paypal.
- Prefer opening links through your computer and not your cell phone. It is easier to spot broken links or suspicious addresses through the computer as the entire link is presented before you.
- Make sure your devices are all up-to-date with the latest security software.
Follow Us on the Facebook page for the latest news and insights on cybersecurity.
Stay Safe with TrustNet!