Don’t Get Caught in Phishing Scams While Shopping Online this Mother’s Day
Princess Tsambo (Orange Ink)
Mother’s Day is a day to honour mothers, motherhood, maternal bonds, and the influence of mothers in society. Naturally, there are plenty of ways to make moms feel special with unique gifts, but sadly there are those that use such special occasions for their own cybercriminal gain. In fact, according to Kaspersky Lab security experts, people are more likely to face a cyber-attack during shopping online for special occasions.
Why phishing attacks work
Surfing online via smartphones and tablets can help consumers stay on top of retail deals instead of being at the mall searching for that hard-to-find gift. However, cybercriminals know that consumers are more likely to visit such retail sites with login accounts or financial information during busy shopping times, like Mother’s Day. And, when it comes to shopping online, phishing is on the rise. One of the main reasons why phishing has been so successful is because of the constant technical evolution of phishing instruments, which are becoming increasingly sophisticated.
There are numerous reasons why phishing works so well, starting with the ability of the scammers to play mind tricks on victims, in order to lure them into trouble. Additionally, there are countless ways to take the bait: accessing public Wi-Fi, logging into a fake website or following a link in an e-mail promising exclusive Mother’s Day deals. It’s impossible to enumerate all the cases. Phishers can use tempting offers, like complimentary giveaways, in order to bait users. This is a very efficient method, as many people would likely take advantage of such a free offer.
Ultimately, it should not be assumed that the only things scammers seek are credit card details or financial data. Many phishers would be perfectly happy with getting access to user credentials in an email service or social network. In fact, to perform a phishing attack, a cybercriminal does not necessarily need to break into your system. This is why no existing platforms are capable of fully protecting you from phishing, making it a truly universal threat. Mobile phishing has also become more and more prominent. Due to the technical peculiarities of smartphones and tablets (smaller screen size, for instance), it can be even harder to tell a phishing site apart from a legitimate one.
It’s common to receive promotional materials from retailers, either through email or social networks, such as Facebook and Twitter; however, it’s also common for cybercriminals to abuse this distribution method by sending out mass amounts of fake emails that are disguised as legitimate messages from these companies. Once you click on the link to view the offer, you’ll be redirected to a malicious site instead of the retailer’s. Not only can your PC and financial information be at risk, but the malicious link will try to automatically spread itself to all your friends to snare more victims. They can easily monitor all the information sent across public Wi-Fi networks, which can include your bank account or credit card number.
Precautions to avoid phishing attacks
Unfortunately, there is no real cure for phishing attacks aside from paranoia-level vigilance on the case of the end user. However, it is possible to take precautions to avoid such attacks. Here are the tips Kaspersky Lab security experts shares for all users:
- If you see a deal being promoted, go to the retailer’s official website to confirm it’s a legitimate offer. Check the URL address attentively for any typos or inaccuracies, it is advised to use a secure ‘https’ connection (a web connection that supports encryption – Hypertext Transfer Protocol Secure). This prevents you from visiting a potentially fake and malicious website.
- Install a reliable secure solution, such as Kaspersky Total Security, which is able to detect and block phishing attacks and spam in standalone email clients. It also includes features such as Safe Money to help secure financial transactions and data, and Password Manager to provide further protection for your digital identity.
- Don’t click on shared links without knowing that your friend purposefully shared it. If a deal seems too good to be true, it probably is.
- Messages from official organisations, such as banks, tax agencies, online shops, travel agencies, airlines, and so on, also require scrutiny. Even internal messages from your own office. It’s simply not that hard to fabricate a fake letter that looks like a real one.
- Even if a message or a letter came from one of your best friends, remember that they could also have been fooled or hacked. That’s why you should remain cautious in any situation. Even if a message seems friendly, treat links and attachments with suspicion.
- When shopping in a physical store, use your cellular network offering like 3G/4G, instead of public Wi-Fi.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company celebrating operating in the market for over 20 years. Kaspersky Lab’s deep threat intelligence and security expertise are constantly transforming into next-generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.co.za