In this special article, I am going to make a clear note to Christmas Shoppers and how they should avoid malicious cyber deals. In fact, security researchers caution especially Android users when downloading apps for shopping, games, and Santa video chats. As they found hundreds of malicious apps likely leveraging the season to defraud unwitting victims.
In general, early Christmas Shoppers save all that last-minute rushing around. If you have a plan set you can be more effective, save money, and enjoy the Christmas season more. Some people only shop for close family and friends. Other people put together Christmas presents for co-workers, the postal worker, the dog walker, hairdresser, plumber, poker buddies, kid’s teacher, and more.
Basically, Christmas Shoppers figure into their household or personal budget for the entire year, instead of just trying to find extra money somehow every November or December. You can always start by saving a small amount every month. But, what happens when Online Christmas Shoppers fall victim of malicious cyber deals?
While online shopping helps you skip the crowds at the mall, it can be a cybersecurity minefield. “The holidays are a bonanza for cybercriminals,” Dave Baggett, co-founder, and CEO of anti-phishing start-up Inky tells CNBC Make It. “People are buying a lot of things over a short period of time, and they are hurried about it. This presents opportunities for crooks.”
How are Christmas Shoppers Maliciously targeted?
A scan of thousands of apps revealed seven with malicious routines such as replacing the legitimate apps with a version downloaded from a command and control (C&C) server. They also found 35 apps containing adware with more invasive behaviors than standard in-app advertisements.
And 165 apps enabling “excessive or dangerous combinations of permissions,” such as camera, microphone, contacts, and text messages. Researchers from Barracuda Networks recommend that users examine the apps they download to their phones. Especially as online shopping and banking are expected to reach new heights this year.
Invasive adware was reportedly related to DIY gift projects and used suspicious ad networks by displaying catchy deals and coupons. Cybercriminals can go after banking, email, and access credentials by replacing legitimate website forms, or by using malware or injected skimmers.
The researchers noted the excessive permissions that users may grant apps can be used to steal stored information. Particularly, from the devices such as contacts for phishing and spam campaigns, as well as banking authentication tokens via SMS messages when shoppers finalize their purchases online.
What should Online Users & Christmas Shoppers do?
As an example, Bitcoin has long been the favored currency for darknet marketplaces. With cybercriminals taking advantage of its pseudonymous nature and decentralized organization to conduct illicit transactions. Above all, demanding payments from victims, and launder the proceeds from their crimes.
In the early long periods of the cybersecurity world, the standard cybercriminals were teenagers or hobbyists in operation from a home laptop. With attacks principally restricted to pranks and malicious mischief.
Best practices to note when downloading apps and shopping online:
- Firstly, check app reviews on reputable websites.
- Secondly, review the access permissions being requested by the app and evaluate if they are necessary for the functions of the app.
- Again, directly type the retailers’ websites, and avoid clicking on URLs found in emails and text messages, especially from unknown senders.
- And also, regularly update devices’ operating systems and apps.
- Finally, limit the amount of personal information provided to websites and apps.
Whereby, Trend Micro Mobile Security for Enterprise provides device, compliance and application management, data protection, and configuration provisioning. As well as protecting devices from attacks that exploit vulnerabilities, preventing malicious and unauthorized access to apps. And also, detecting and blocking malware and fraudulent websites.
Trend Micro’s Mobile App Reputation Service (MARS) covers Android threats using leading sandbox and machine learning technologies. In that case, protecting devices against malware, zero-day and known exploits, malicious apps, privacy leaks, and application vulnerabilities.
Notably, the cybercrime underground is not known for playing by the rules. So we can’t expect it to follow the Gregorian calendar in terms of new black hat trends. Nevertheless, the end of another 12 months is as good a time as any to take stock.
It’s clear that organizations are investing ever greater sums in cloud-based systems to spur digital transformation. Gartner claims worldwide spending on the public cloud will grow 17.5% this year, for example.
Bearing in mind, Cybercrimes can begin with anyone wherever there is digital data, opportunity, and motive. From the lone user engaged in cyberbullying to state-sponsored actors, like China’s intelligence services. But, Cybercrime generally does not occur in a vacuum; they are, in many ways, distributed in nature.
Generally, Cybercriminals typically rely on other actors to complete the crime. Whether it’s the creator of malware using the dark web to sell code or even the distributor of illegal pharmaceuticals using cryptocurrency brokers to hold virtual money in escrow. Not forgetting, the general state threat actors relying on technology subcontractors to steal intellectual property.
I hope you have gathered enough information in regards to the 21st Century Cybercriminals and how you can play safe. But, if you’ll have additional information, contributions or even suggestions, please Contact Us.
You can also share some or more of your thoughts in the comments box below this post. Below are more additional and related to the topic links.
You must log in to post a comment.