Hackers poised for Black Friday assault

Hackers to launch a slew of Web-based attacks against consumers

You know retailers are ready for Black Friday -- but so are hackers poised to launch a slew of Web-based attacks against consumers. Your money and personal information could be at risk.

"The holiday season in general is a huge time for hackers ... [and] Black Friday is typically the start," says Paul Henry, vice president of strategic accounts for Secure Computing. "This year, my biggest concern for consumers is all the Web-borne malware out there."

Black Friday, the day after Thanksgiving, is followed in marketing lingo by Cyber Monday. Both are big days for retailers and online fraudsters. Consumers should watch out for e-mails advertising incredible deals that seem too good to be true.

"Freebies may be freebies in the sense that you get free malware," says Jamz Yaneza, a senior threat researcher at Trend Micro.

A common scam is to pick the hot toy of the season and send out a spam e-mail blast offering it for much less than the typical price, Henry says. Victims end up entering credit card information on malicious sites designed to look like well-known, trusted ones. They might also unknowingly download a keylogger that can steal personal information people type in when making any kind of Internet transaction.

"Be leery of sites being advertised [in e-mail that might be spam]. In all likelihood you're being directed to a malware-connected site," Henry says. "Do not click on URLs within e-mails even for well-known public sites."

In an HTML e-mail, it's a trivial task for hackers to hide the real URL a victim is clicking on.

"It might say 'ebay.com,' but you're actually clicking on something entirely different," Henry says.

Online fraudsters have been busy this year. Fraud losses related to US e-commerce will top US$3.6 billion in 2007, up 20% from last year, according to a report by the vendor CyberSource this month. The increase in dollar loss is due mostly to growing e-commerce sales, as the percentage of transactions that are fraudulent has held steady.

The run-up to Christmas and tax filing season are the two most dangerous times of the year for online shoppers, Yaneza says.

In addition to being wary of e-mails, be careful when searching for holiday deals or specific products on Google and other search engines. Operators of malicious sites have figured out ways to rise to the top of search listings.

"We've seen instances where the top site that is ranked actually gets there by gaming the Google search algorithm," Yaneza says.

Legitimate Web sites can be dangerous too, when hackers inject code into Web pages redirecting users to malicious sites, Yaneza says. The Dolphin Stadium Web site was attacked in this way prior to this year's Super Bowl in Miami.

Black Friday and Cyber Monday will be a bigger problem for consumers than enterprises, according to Henry, because large businesses tend to have better security. But that doesn't mean there's nothing for IT executives to be leery of.

Cyber Monday is thought to be a big day for online retailers because people return to work en masse after the Thanksgiving break and are sitting in front of office computers all day.

Businesses might also worry about employees using work laptops in unprotected Wi-Fi locations, and getting targeted with a keylogger or other malicious software, says Yaneza.

Yaneza's advice for consumers is simple but often effective: Install all the latest updates and patches for your security software and Web browsers.

Trend Micro offers a free tool called HouseCall that can scan your computer for viruses, spyware and other malware.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jon Brodkin

Network World
Show Comments

Father’s Day Gift Guide

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?