3 min read

Malware instead of Carnations for Mother's Day

Loredana BOTEZATU

May 03, 2011

Malware instead of Carnations for Mother's Day

The International Mother`s Day has been celebrated, since 1910, with white and red carnations, appreciation letters replaced today by greeting cards, nice dinner in smart restaurants or jewelries especially created for such occasion. Unfortunately, this kind of events is not missed by cyber crooks who find this frenzy particularly convenient for their on-line scams. And with a bit of social engineering things can turn very ugly, should the enthusiastic buyer not exercise enough caution around this otherwise beautiful holiday.

First of all, many well-known online retailers are phished in order to mislead buyers into thinking that they are purchasing mother`s daygifts from their favorite virtual shop. The credit card credentials can this way fall into the hands of cyber-crooks and your savings can vanish in a heartbeat. If you are about to make such a purchase, it is highly recommended that you type in the whole address of the site you would like to visit and furthermore avoid clicking on links that land on your social networking wall or that reach your spam folder.

Second, with holidays around the corner, fake shops arise each day on the Internet. These online locations advertise fictitious products and take your not-so-fictitious money without ever delivering your order. If you can`t tell an online shop from a trustworthy source, maybe you either should do some research on the particular site before using its services or choose shops you`ve already tried with other occasions.

Third, spammers will also take a shot and try to trick people into accessing either certain sites advertising knock-off jewelry, accessories and pills or clicking links that will make the online shoppers land on various malicious sites where they can get a keylogger, a backdoor or a good old exploit from. And then all the critical data typed in may get into the wrong hands.

Lately, spam bundles with malware seems to have a strong comeback: with a bit of social engineering, people are convinced to download and open attachments that at a fist glance appear to be plain Microsoft® Word® documents but are in fact executable files rigged with malware.

For instance, these past days, a spam mail has circulated in which the message reads that you`ve just received your “order confirmation” from a purchase you made from a well-known online jewelry store that advertises amongst others custom made mother`s day rings. And if you happen to have searched for this kind of gifts, then you might fall for the trick and pay a considerable sum of money for the ring that will never be sent. Plus, all your credit card credentials will get into the malicious ill-intentioned hands.

Mother's Day Spam bundled with malware

Spam message and its attached malware

Malware-bundled greeting cards once again make it into the top five online threats around Mother`s Day. Spyeye, once known as Zbot or the notorious Koobface use every means and media to spread in search for your money. You may think that you have in your inbox a nice e-card, but in fact these bots use this beautiful disguise to send you attached malware.

If you`re shopping for mother`s day gifts using a smartphone, make sure that you see the whole address of your webshop of choice. Since cyber-crooks know that the small display of the smartphones might hinder the user from seeing the entire URL of the requested webpage, they usually set up spoofed webpages resembling webshops or other commercial services and wait for you to enter your credit card details. You are therefore advised to type in the entire URL manually and check if the website`s SSL certificate is in place.

In order to protect the integrity of your computer and data, make sure that you follow these safety guidelines:

  • Install and update a security solution that contains at least antimalware, antispam and antiphishing modules.
  • Do not open attachments that come from unknown senders; if you really need to do so, make sure that you download the attachment and scan it with your locally installed antivirus solution.
  • Never use public computers to perform e-banking transactions or other online purchases. These computers may be laden with keyloggers or banker Trojans.
  • Avoid shopping online when using public WiFi hotspots such as those in airports, coffee shops or malls. Usually, data exchanged between you and the online shop of choice flows through an unencrypted channel and can easily be intercepted by an attacker.

tags


Author



Right now

Top posts

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Supply Chain Attack Detected in PyPI Library Supply Chain Attack Detected in PyPI Library
Silviu STAHIE

August 02, 2021

1 min read
Scam baiter Jim Browning bamboozled by scammers into deleting his own YouTube channel Scam baiter Jim Browning bamboozled by scammers into deleting his own YouTube channel
Filip TRUȚĂ

August 02, 2021

3 min read
Instagram influencer Hushpuppi admits his part in scams that stole more than $24 million Instagram influencer Hushpuppi admits his part in scams that stole more than $24 million
Graham CLULEY

July 30, 2021

2 min read