Monday, December 23, 2013

A Time for Extra Caution

While many associate the holiday season with warm feelings and focus on doing good towards others at this time of year, it is unfortunately a time when the bad guys kick it in to high gear. They know that many people are shopping and looking for bargains, and trying to get all their charitable giving in before the end of the year. It is a perfect time for them to take advantage of us when most of us have our guard down. A tool that is being used more and more by those who want to take advantage of others "good will" at this time of year is cyber attacks.

We have already discussed phishing attacks on this blog in the past, and being cautious in regards to e-mail is warranted all the time, but especially this time of year. A common tactic used in phishing e-mails, and one that has proven to be especially effective is shipping or purchase notification e-mails, chock full of links presumably to track your package or check your order status. Many people order items on-line this time of year, and you may get many perfectly legitimate shipping notification e-mails. The fact that you are expecting a shipping notification e-mail makes this type of attack more effective. You are more likely to click on the links in the message or downloading the attachments without reading the entire message carefully. Don't fall for this trick! Make sure you read the entire e-mail and know how to tell a legitimate shipping notice from a bogus one. The easy and obvious one, did you order the product mentioned in the first place? Hover over links and read the URL that they point to. Does is match the business that sent the notification? On a smart phone, long press on a link to see the actual URL. (Be extra careful here because it can be very easy to accidentally activate the link.) See our article from October 15, 2013 for tips on how to spot a phishing e-mail.

Another thing that can be dangerous this time of year are e-mail and on-line greeting cards. Be very careful with these as well. Do you absolutely know and trust the sender? Perhaps even more importantly, are you confident enough in their tech savvy to be sure they were not duped when they chose a greeting to send? If the answer to either question is no, it is probably best to delete these greetings unopened. Many have dangerous payloads that aren't worth the risk.

It is kind of sad, but unfortunately necessary, that we have to send you these reminders at this time of year. But letting your guard down now can ruin what for many is an enjoyable season.