I would like to take a break from our regularly programmed blog to talk about a timely bit of information — how to keep you safe during this holiday season. After all, we use the internet as much as our children but we use it for shopping and banking in addition to work and fun. My goal this week is to help you protect yourself during this holiday season and on into the New Year!

In addition to my tips below, I hope you will join McAfee’s shopping expert Reema Shown and internet safety expert, Parry Aftab, for a “Shop Safe. Shop Smart” webinar this Thursday, December 4 at 9 a.m. PST. It will cover how to shop smart and safely online for this holiday season and beyond. To learn more about it and to register, follow this link: www.shopsafeshopsmart.com.

In working with McAfee, I have learned of some holiday related scams that I would like to alert you about. I will give you a brief overview and some quick advice, but I suggest you visit McAfee’s Security Advice Center to make sure you are aware of the potential pitfalls that can trip you up if you aren’t on your toes!

1. Charity Phishing Scams – As is the case every year, there are many charitable organizations that will ask for donations before the end of the year. It feels good to donate to a great cause in your name or as a gift for others. Unfortunately some less than noble people have used this to make a quick buck.

The scam is that they send you an email that looks just like it came from that actual organization. If you click on the email, it will take you to a dummy website that looks just like the website of say the Red Cross or the Salvation Army. Don’t trust these email solicitations. If you are going to be one of the 30% of consumers who will choose to donate online, go directly to their website.

2. Email Banking Scams – This scam was one I learned about during the McAfee S.P.A.M. Experiment. I received several emails telling me that my bank account was getting tapped by an overseas IP address and that I should click on the link and log into my bank account or they would close my account. The funny thing was that I didn’t have an account with that bank! Luckily for me I learned about this one before I could be targeted with the right bank. Your bank is never going to send you an email asking you to log in to your account and if you ever get an email that you think may be from your bank – call them!

3. Holiday themed emails – We all fall for this one – the cute holiday emails! Too cute not to open, right? There was a popular New Year’s e-card going around last year. It brought the victim to a malicious website that attempted to download Trojan software. A good rule for us all is don’t open email unless you know the sender. A good way to spot these bad emails is to look for misspelled words in the subject line, odd looking url’s or emails being sent from unknown senders

Remember – if in any doubt about the legitimacy of an e-card, don’t open it. Never click on anything from an unknown source. 

4. Fake Invoices – Here is a sneaky one! According to McAfee, here’s how this scam works: The bad guys create a fake invoice or waybill and send it via email as an attachment. There are a few variations of this scam – the recipient may be asked to confirm or cancel an order, they may be told that the parcel service was unable to deliver a package due to having an incorrect address, or the recipient may receive a customs notification about an international package. In every instance, the email either asks the consumer for their credit card details so that their account can be credited or requires the recipient to open an invoice or customs form to receive the package. This kind of scam has been played on many consumers who believed they were receiving emails from FedEx, UPS or the US Customs Service but instead were delivered a deadly Trojan program or other threat that can lead to identity theft or hacker control of a computer.

Never give out your financial information via email – either go directly to the company website or call them, but email is not secure to be sending any type of personal financial information.

5. You’ve got a new Friend – You get a message in an email that says that you have a new friend and it says it is from a popular networking site. The catch is that if you click on the link, you just downloaded malicious software on to your computer! That is no friend. Be careful about opening unsolicited email and make sure your anti virus software is set to automatic updates so your expensive equipment is safe.

6. Dangerous holiday related search terms – I love Santa as much as the next kid, but I caution you to be wary of any “free Santa downloads.” Free wallpaper and screensavers can be great, but you need to make sure they are coming from a safe source. McAfee SiteAdvisor is a free download that is easy even for kids to use. It works with popular search engines like Google and Yahoo! And gives you a green, yellow or red light next to your search results telling you if will get any unwanted “gifts” with your free holiday downloads!

7. Coffee Shop Cybercriminal – So you are having a latte and surfing the web at your favorite coffee shop. Did you know that in that scenario your computer is not safe and neither are your passwords, bank information and website history? It is as easy as using a program called a packet sniffer. Attackers also set up a wireless access point near the coffee house. If you unsuspectingly connect to his wireless connection, he can see everything that you do and redirect your computer to sites you may not want your computer connected to. If you use public wireless hotspots, make sure your anti virus is up to date and that you have a Firewall installed, updated and turned on! If you use online banking, make sure you check it from a known, secure internet connection.

8. Password Stealers – According to a holiday shopping study that McAfee had done, 53% of consumers use the same password for multiple websites and online services. Hacking passwords is as easy as using free or low cost software that gets downloaded to your computer via SPAM without you even knowing about it. So this holiday season, be sure you have an updated comprehensive security software suite to help prevent access to password-stealing malware. This includes anti-virus, anti-spyware and a two-way firewall.

Remember to check to make sure your subscription software is current – and not just trial software that might be expired. In addition, create complex passwords such as: $aNt@IsRe@l or H@PPyH0l!d@y$.

9. Fraud Via Auction Sites – Online auction sites are fun and great deals are to be had by all. But have you ever read the security and safety policies on the site? They have great tips for keeping your account safe and avoiding scam artists. If an item is at an incredible price with a really short time frame, or the exact photos are featured on another auction site, exercise caution. Also, check the sellers rating. It is there to help you be an educated consumer!

10. Holiday-themed email attachments and spam - A recent McAfee holiday survey found that 49% of consumers have opened or would open an email with a holiday themed attachment. Even if they are sent from your friends, be aware of any attachments especially those that come in the form of PowerPoint presentations, with vague holiday related subjects or odd looking urls.

Some examples of subject lines bad guys use to lure consumers into opening a friendly-looking email are “happy 2008 to you!”, “happy 2008!” and “new hope and new beginning”.

11. Online identity theft – Do you ever wonder if the site you are buying from is safe? Do you know how to tell if it is secure to give them your credit card information? Always check to see if there is a closed lock in the address bar on the page where you submit your personal information and a “s” in the https:// url.

Also, look for McAfee’s Secure trustmark on a website to be sure it is secure while you shop – they have checked more than 8,000 sites for more than 10,000 vulnerabilities.

12. Laptop Theft – According to the FBI, 1 in 10 laptops are stolen and 97% are never recovered. Be smart with where you leave your laptop and make sure it is never left in view in your car. For further protection, McAfee suggests to purchase a product, such as McAfee Anti-Theft, that safeguards important files – including photos, music and bank/credit card statements, in the event your laptop is stolen.

For more tips and information about the latest scams, check out the McAfee Avert Lab’s blog  — Christmas worm uses McDonalds and Coca Cola as bait.

Happy Shopping to All!

Tags: Cyber Security Mom