Five online threats to be wary of this Christmas

Christmas is going to a busy time for online shoppers and retailers - which means that the cybercriminals are coming out to play.

Email lures - malcode-carrying spam

These are malicious emails that manage to by-pass end-user security and compromise the targeted computer causing no end of trouble. This could be an email with a jolly Santa Claus, which may contain malware below the surface. Beneath the images could be links to malware or exploit code.

This could also be done using animated files which could attract the attention of users, such as snowflakes falling, while a backdoor Trojan is installing.

Credit crunch emails

Expect to continue seeing phishing attacks exploiting shaky consumer confidence in these difficult economic times, as banks struggle and merge.

These are designed to fool customers into receiving personal information such as bank account numbers and passwords.

Spoofed online portals

IBM expects to see phishing gangs launching a generation of fake online portals which pretend to be well-know brands are steal credit card information.

Other social engineering techniques could be used such as pop-ups which claims that a computer is infected, and whether you want to perform a free anti-virus scan. Once you’ve clicked you’ll be informed that virus is present.

This is all in aid in getting you to download the latest anti-virus software, allowing a Trojan to be downloaded which could allow hackers to takeover your computer.

Dangerous web browsing

Cybercriminals can infect a user without their knowledge simply by browsing a Christmas themed website. This is because code could be executed which exploits vulnerabilities in software already installed on the computer.

Vulnerable software includes the browser, the operating system or even third party plug-ins. Once the computer is compromised than malicious software can secretly be installed.

Toxic toys

Christmas sees a new wave of electronic gadgets such as smartphones and DVDs which could contain malware which cybercriminals could use as a backdoor for entry into business networks.

People should not be connecting unauthorised devices using USB ports, as this is an evolving threat which is becoming a serious problem.

IBM advised companies to disable USB port access for corporate networks, but in the end it’s the end-user’s responsibility to get clearance before installing a ‘toy’ on the corporate network.

Email to a friend

Print this page