Remain vigilant during holiday season

  • Published
  • By 51st Fighter Wing Information Assurance office
OSAN AIR BASE, Republic of Korea --  Traditionally the holidays are a time of giving, spreading cheer and overall good will among men. But for cybercriminals, this can be the most opportune time for schemes, stealing money, credit card information, social security numbers and identities. The wing Information Assurance office offers helpful tips to make sure Team Osan members are protected.

Scam I: Charity Phishing Scams - Be Careful Who You Give To
During the holiday season, hackers take advantage of citizens' generosity by sending e-mails that appear to be from legitimate charitable organizations. In reality, they are fake Web sites designed to steal donations, credit card information and the identities of donors.

Scam II: Fake Invoices from Delivery Services to Steal Your Money
Cybercriminals often send fake invoices and delivery notifications appearing to be from Federal Express, UPS or the U.S. Customs Service. They e-mail consumers asking for credit card details to credit back the account, or require users to open an online invoice or customs form to receive the package.

Scam III: Social Networking - A Cybercriminal "Wants to be Your Friend"
Internet users should beware that clicking on links in fake Email requests can automatically install malware on computers and steal personal information.

Scam IV: The Dangers of Holiday E-Cards
Cyber thieves cash in on consumers who send holiday e-cards in an effort to be environmentally conscious. Last holiday season, McAfee Labs discovered a worm masked as Hallmark e-cards and McDonald's and Coca-Cola holiday promotions. Holiday-themed PowerPoint e-mail attachments are also popular among cybercriminals.

Scam V: Bogus "Luxury" Goods or Auction frauds
Offers for outrageously "discounted" luxury gifts may lead to evil sites for drive-by download of malware. You may give the bad guys your credit card information. Goods may never arrive.

Scam VI: Practice Safe Holiday Shopping - Online Identity Theft on the Rise
Forrester Research Inc. predicts online holiday sales will increase this year, as more bargain hunters turn to the Web for deals. While users shop and surf on open hotspots, hackers can spy on their activity in an attempt to steal their personal information. McAfee tells users never to shop online from a public computer or on an open Wi-Fi network.

Scam VII: Christmas Carol Lyrics Can Be Dangerous - Risky Holiday Searches
During the holidays, hackers create fraudulent holiday-related Web sites for people searching for a holiday ringtone or wallpaper, Christmas carol lyrics or a festive screensaver. Downloading holiday-themed files may infect one's computer with spyware, adware or other malware.

Scam VIII: Out of Work - Job-Related E-mail Scams
Scammers are preying on desperate job-seekers in the poor economy, with the promise of high-paying jobs and work-from-home moneymaking opportunities. Once interested persons submit their information and pay their "set-up" fee, hackers steal their money instead of following through on the promised employment opportunity.

Scam IX: Password Stealing Scams
Password theft is rampant during the holidays, as thieves use low-cost tools to uncover a person's password and send out malware to record keystrokes, called keylogging. Once criminals have access to one or more passwords, they gain vast access to consumers' bank and credit card details and clean out accounts within minutes. They also commonly send out spam from a user's account to their contacts.

Scam X: E-Mail Banking Scams
Cybercriminals trick consumers into divulging their bank details by sending official-looking e-mails from financial institutions. They ask users to confirm their account information, including a user name and password, with a warning that their account will become invalid if they do not comply.

Scam XI: Your Files for Ransom - Ransomware Scams
Hackers gain control of people's computers through several of these holiday scams. They then act as virtual kidnappers to hijack computer files and encrypt them, making them unreadable and inaccessible. The scammer holds the user's files ransom by demanding payment in exchange for getting them back.

Five tips to help protect computers and personal information:
1. Never Click on Links in E-Mails: Go directly to a company or charity's Web site by typing in the address or using a search engine. Never click on a link in an e-mail. At work, click on link only if Email is digitally signed.
2. Use Updated Security Software: Protect your computer from malware, spyware, viruses and other threats with updated security suites. DoD employees can get security software for home use. One can purchase products with additional features. For example, McAfee offers a Security Center product that alerts the surfer to possible malicious code at a web site.
3. Shop and Bank on Secure Networks: Only check bank accounts or shop online on secure networks at home or work, wired or wireless. Wi-Fi networks should always be password-protected so hackers cannot gain access to them and spy on online activity.
Also, remember to only shop on Web sites that begin with https://, instead of http://, and seek out Web sites with security trustmarks.
4. Use Different Passwords: Never use the same passwords for several online accounts. Diversify passwords and use a complex combination of letters, numbers and symbols.
5. Use Common Sense: If you are ever in doubt that an offer or product is not legitimate, do not click on it. Cybercriminals are behind many of the seemingly "good" deals on the Web, so exercise caution when searching and buying.