Employers that want to give themselves the gift of online security during this holiday season should be aware of the dangers lurking on the internet and generally ensure that their web security is up-to-date.
McAfee, the internet software security company, has released its Twelve Scams of Christmas list, which includes malicious mobile applications, phony Facebook promotions, holiday phishing schemes, and more. They include the following:
- Mobile Malware: McAfee cites a 76% increase in malware targeting Android devices in the second quarter of 2011 over the first, making it the most targeted smartphone platform. New malware has recently been found that targets QR codes, digital barcodes that consumers might scan with their smartphones to find good deals on Black Friday and Cyber Monday.
- Malicious Mobile Applications: These are mobile apps designed to steal information from smartphones, or to send out expensive text messages without a user’s consent. Dangerous applications are usually offered for free, masquerading as games.
- Phony Facebook Promotions and Contests: Cyber scammers know that contests and free offers are attractive lures, and they have sprinkled Facebook with phony promotions and contests aimed at gathering personal information.
- Scareware: This fake antivirus software tricks recipients into believing their computers are at risk, or have already been infected, so that they will agree to download and pay for phony software. An estimated one million victims fall for this scam every day.
- Holiday Screensavers: A Santa screensaver that promises to let you “fly with Santa in 3D” is malicious. Holiday-themed ringtones and e-cards have been known to be malicious, too.
- Mac Malware: Cybercriminals have designed a new wave of malware directed squarely at Mac users. According to McAfee Labs, as of late 2010, there were 5,000 pieces of malware targeting Macs, and this number is increasing by 10% from month to month.
- Holiday Phishing Scams: Cyber scammers know that most people are busy around the holidays, so they tailor their emails and social messages with holiday themes in the hopes of tricking recipients into revealing personal information.
- Online Coupon Scams: When consumers accept an offer for an online coupon code, they are asked to provide personal information, including credit card details, passwords, and other financial data.
- Mystery Shopper Scams: Mystery shoppers are hired to shop in a particular store and report back on their customers. Sadly, scammers are now using this appealing job to lure people into revealing personal and financial information.
- Hotel “Wrong Transaction” Malware Emails: Scammers have designed travel-related scams in order to tempt us to click on dangerous emails. Once opened, an attachment downloads malware onto the victim’s machine.
- “It Gift” Scams: When a gift is hot, not only do sellers mark up the price, but scammers will also start advertising these gifts on rogue websites and social networks, even if they don’t actually have the popular items.
- “Away From Home” Status Updates: Posting information about your vacation on a social networking website could actually be dangerous. Thieves may see your post and decide that it sounds like a good time to rob you.
There is always a degree of risk for companies that let employees access the internet, and the holiday season can be especially dangerous, with online shopping increasing dramatically,
according to McAfee. This is why some security-sensitive companies simply do not let their workers use company equipment for personal internet usage.
Meanwhile, the HR department can be especially vulnerable to cybercrime. According to McAfee, there are several cases where someone in HR got a “holiday” email from a thief pretending to represent a charity the company supported. When HR posted the link on the company intranet so that employees could make holiday donations, many company
computers were infected with spyware and viruses. 12.15.2011