November 25, 2016

Online Thieves Are Looking For You

The holiday shopping season has begun in earnest. Projections are a 10% increase in online sales over last year, which already set records. Unfortunately, that means a growing opportunity for those who want to separate you from your money, your online identity, or plant an infected piece of software on your computer.

I received information from Enigma Software Group, a company that markets anti-malware software. There were sobering statistics on the spike in growth of this dangerous phenomenon.  The company also gave me some tips to pass along to help keep you safe. Be on high alert for:

1) Spam emails and links promising great deals. Malware makers know that people will be on the lookout for great prices on everything from Xboxes to phones. They'll send bogus emails promising super low prices.

And those emails will contain links that can install malware if they are clicked. The bad guys will also post bad links in Facebook and Twitter accounts that they hijack.

2) Fake emails that look like they are from real online retailers. Bad guys know it's likely you've bought something online from Amazon or Toys R Us. So they send fake emails that tell you there was a problem with your recent order, hoping you'll click on a link that will install malware.

3) Poisoned search results. Sophisticated cyber crooks can create fake web pages promising to sell hot holiday items at very low prices. 
They can even work to make those pages show up in Google searches for particular products. If someone clicks over to the bogus page, an infection is just a few seconds away. 

Some of the more common infections today can steal personal information, access your contacts and important files, and in some cases literally hold your computer hostage until you pay a ransom to unlock it. In fact, the percentage of overall infections made up of “ransomware” has doubled from 2015 to today. 

To protect yourself, the company suggests:

Never click on links in social media messages. This includes Twitter direct messages and messages sent to you via Facebook. They may look like they are coming from your friends, but there's a good chance their account has been compromised and cybercrooks are trying to trick you.

Be wary of unfamiliar web sites that ask you to install software before continuing with your shopping. Most of the time that software has malware embedded in it.

Always have reliable anti-spyware and anti-malware software installed  and make sure to run frequent scans and updates.

If you are trying to check on the status of an online order, type the web site of the retailer into your address bar manually to log in and check. Don't trust a link sent in an email.

Other important reminders include:

A) Be careful with unsecured WiFi connections, like those found at coffee shops, shopping malls, maybe even your own home. Cyber-thieves have become quite adept at stealing information from an open WiFi link.

B) Become sensitive to phishing (fishing) scams. Emails designed to look like a legitimate business hope to entice you to click on a link or respond to an "urgent" request for more information. Do so, and you have been compromised.

C) Social media oversharing can be a problem. Too many details about yourself, like birth date, previous locations of where you lived, your mom's maiden name (as part of a family site), or too low a privacy setting can equal a golden opportunity for ID theft.

D) "12345" or "password" are open doors to thieves. Use strong passwords that combine symbols, upper and lower case letters, and numbers in a string that is meaningless. Hard to remember? Sure. Hard to steal? Absolutely.

E) If a store or business you do business with has a data breach where millions of customer records are stolen or accessed, become very vigilant in checking your bank, credit union, and credit card accounts for unexpected activity. Within a few months, take advance of the free credit check offered at Annual Credit Report to look for suspicious activity or charges. 

With the convenience of our online life comes the necessity to realize that bad people want to take advantage of that technology. Each of us is ultimately responsible for our cyber well-being. Sad, but true.


  1. Excellent information, thank you! We all need to remain vigilant. Unfortunately, the thieves are working full time to come up with new ways to separate us from our money.

    1. Just think what they could accomplish if the hackers turned their smarts to something legitimate.

  2. I've used Malware Bytes for years. It definitely helps keep the craziness at bay. Now we have to worry about Russian spammers, working against our democracy. Sad state of affairs.

    1. The stories of Russian operatives behind some of the fake news during the election are more than a little unsettling.

  3. Great information Bob. Also, for Facebook users, do not fall for the type "AMEN", "copy and paste on your wall" or "giveaway" scams. All of those are designed to either unjustly enrich the scammer, or infect your computer with malware. Happy Black Friday!

    1. Absolutely. Black Fridays? I went to the gym and helped clean up after Thanksgiving.