Black Friday Cyber Monday – Stop … Look … Think! 0 330

Phishing email

Customers are not the only ones feeling opportunistic with the great deals offered over the Black Friday/Cyber Monday period, cyber criminals are too. The large scale of SALE communications sent to users prompting customers to “Click Here” and receive the deal of lifetime (for example) has created limitless ways for cybercriminals to cash in on unsuspecting victims. These communications come in the form of emails, SMS’s and social media posts, all of which can be easily replicated by cyber criminals.

We consulted our tech expert Dennis Koome on how to stay safe when shopping online.

So what do you, the customer, need to do to stay safe?

Stop, Look and Think

How’s your internet security mindset?

– Have you ever looked at yourself up online to see what information is out there about you?

– Have you clicked in any links in emails or on websites offering discounts?

– When shopping online, do you check the security status of the website?

– Have you paid attention to or customized your twitter, Facebook, skype, email security settings?

– At home, do you have an external backup source for your computer?

 

Some Terminologies:

  1. Spam: Unsolicited bulk commercial email messages.
  2. Phishing: Refers to tricking individuals into disclosing sensitive personal information or taking a potentially dangerous action, such as opening an infected attachment or visiting a compromised web link using deception via email.
  3. Spear Phishing: Refers to a form of phishing where the attack specifically targets an individual or a group. Since the attacker has researched the target and crafted their attack accordingly, spear phishing attacks are more likely to succeed.
  4. Spoofing: Refers to tricking or deceiving you or your system. This is done by hiding the sender’s identity or faking the identity of another user. This may involve sending messages from a bogus email address of another user.

 

DO’s and DON’TS

DON’TS:

  1. Open any email attachments that end with: .exe, .scr, .bat, .com, or other executable files you do not recognize
  2. “unsubscribe” – it is easier to delete the e-mail than to deal with the security risks.
  3. Respond or reply to spam in any way. Use the delete button
  4. Ever click embedded links in messages without hovering your mouse over them first to check the URL.

Always:

  1. Check the email ‘From’ field to validate the sender. This ‘From’ address may be spoofed.
  2. Note that www.eset.com and www.support.eset.software.com are two different domains
  3. Check for so-called ‘double-extended’ scam attachments. A text file named ‘safe.txt’ is safe, but a file called ‘safe.txt.exe’ is not.

Tips for Password Security

  1. Keep your passwords private – never share a password with anyone else.
  2. Do not write down your passwords.
  3. Use passwords of at least eight (8) characters or more (longer is better).
  4. Use a combination of uppercase letters, lowercase letters, numbers, and special characters (for example: !, @, &, %, +) in all passwords.
  5. Avoid using people’s or pet’s names, or words found in the dictionary; it’s also best to avoid using key dates (birthdays, anniversaries, etc.). Substituting look-alike characters for letters or numbers is no longer sufficient (for example, Password” and “P@ssw0rd”).
  6. A strong password should look like a series of random characters.
  7. On the web, if you think your password may have been compromised, change it at once and then check your website accounts for misuse. At work, change your password at once, and then call your company’s IT Security help desk.

Be on Alert for any email that asks:

  1. Replying (including sending an “unsubscribe” answer)
  2. Clicking any hyperlinks in the message (and that includes “unsubscribe” link)
  3. Opening an attachment.
  4. Forwarding the email message to others.
  5. Offers to gain something of value.
  6. Requires urgent, immediate action to avoid a negative consequence or to mitigate a threat.
  7. Asks you to resolve an urgent problem.

Recommended

When online shopping, it is recommended to do so on your personal internet connection rather than on a public WiFi connection, especially when required to enter passwords, banking details and personal information.

It is also recommended to secure all of your devices with internet security, many of us forget about our phones or tablets when we think about security however these devices are still avenues of attack!

To see the security solutions available for all of your devices including Security Awareness training, please go to our website or contact us at sales@esetafrica.com.

 

Previous ArticleNext Article

Security trends to look out for in 2018 0 247

After a turbulent 2017 with Cyber Security making regular headlines, looking ahead to the coming year, there will no doubt be further discussions about the threat landscape.

Ransomware Revolution  – Ransomware of Things

Technological advances and their accelerated use have led to a number of scenarios considered unlikely just few years prior, are now within the realm of possibility. The advice going into 2018 from ESET researchers is to back up everything that matters to you, often, by keeping at least some backups offline – to media that aren’t routinely exposed to corruption by ransomware and other malware – in a physically secure location. As the Internet of Unnecessarily Networked Things becomes less avoidable, the attack surface increases, with networked devices and sensors embedded into unexpected items and contexts: from routers to fridges to smart meters, from TVs to toys, from power stations to petrol stations and pacemakers. As everything gets ‘smarter’, the number of services that might be disrupted by malware becomes greater.

Criminals following the money

With data being the most valuable asset, ransomware is set to remain in great demand among cybercriminals. It is important to note that many ransomware attacks are not sophisticated enough or never intended to recover the victim’s data once the ransom has been paid. For these reasons we suggest not only backing up of data online and offline but also implementing proper security measures such as proactively training staff on what phishing emails entail and how to avoid clicking on them and entering any credentials.

Critical infrastructure attacks on the rise

Cyber attacks on the Ukrainian power companies resulted in electricity service being turned off in hundreds of thousands of homes. The implications of this for future attacks of this kind include more than just the power grid but also includes critical manufacturing and food production, water and transport and the defence and healthcare sectors.

Safer for all

This year has seen ESET’s malware analysts continue to help law enforcement crack down on malicious campaigns and, by extension, the criminals spewing them. We are confident that 2018 will bring further successful investigations as we will continue to lend a hand to authorities so that, ultimately, the internet can become a safer place for everyone – except cybercriminals.

Download the full Security Trends 2018 report here

ESET’s top 5 tips for safe online shopping this festive season 0 288

safe online shopping

Holiday shopping is so quick and easy to do online, no traffic to get to the store, no waiting in queues or travelling to one specific shop just to find out – oh no, they’re out of stock of the one item you went there for.

We want to make sure your holiday shopping experience is quick, easy and most of all safe. Here are our top 5 tips for safe shopping this festive season:

  1. Don’t have the same passwords for all online shopping sites, have strong passwords and for extra security, change them before the holiday shopping commences.
  2. Only shop on trusted sites and directly from vendors.
  3. Don’t click on links from emails, instead go straight to the site on your browser.
  4.  When shopping online use a secure internet connection such as your home WiFi and make sure the necessary firewalls are in place – Avoid online payments via public WiFi.
  5. This coupled with a strong antivirus and/or anti-spyware software for scanning email, applications, and data that resides on your computer, you can rest assured that only you will catch or detect any form of intrusion in good time.

To find out how ESET can help secure your online shopping experience visit our website or contact us at sales@esetafrica.com