Beware: ‘Tis the Season for Cyberscams

'Tis the season for cyberscams -- and it's stacking up to be one of unprecedented plunder for cybergrinches. Crooks go where the money is, and cybercriminals are concentrating their cleverness this year on mobile devices and social media.

Black Friday and Cyber Monday are just around the corner, so cybercriminals have begun to flood e-mail, social media postings and search results with tainted Web links, offers for worthless products and pitches for all variety of scams.

"All these things have something in common: social engineering and greed," says Sorin Mustaca, security analyst at anti-malware firm Avira.

The bad guys count on one in 10 recipients of holiday-themed phishing lures to click on a poisoned link or fill out a bogus form.

They've been planning all year for this. Messaging security firm Proofpoint says e-mail carrying faked delivery confirmations and order notices purporting to be from FedEx, UPS, DHL, Amazon, eBay, Wal-Mart, Target and Toys R Us have already begun to swell. Clicking on the enclosed links turns over control of your computer to the attacker.

"We're human; we're compelled to click," says David Knight, Proofpoint executive vice president. "And we're even more human during the holiday season."

Phishing attacks -- faked e-mail carrying tainted Web links -- are expected to spike in coming weeks, purporting to come from shipping companies, says Bob Pratt, vice president of product management at anti-phishing company Agari.

Agari's analysis of billions of e-mail messages shows faked shipping company e-mails increased 62% in the third quarter over the second quarter. Based on historical patterns, the volume of faked shipping company e-mail messages can be expected to double this quarter compared to the third quarter, because "there's a lot more cover for bad guys to take advantage," Pratt says.

Holiday shopping has come to mean fielding "likes" from our Facebook friends, and using our smartphones...

Comments are closed.