Christmas is always a special time for millions of people around the world. This happy season has a tradition of giving heart-felt gifts as a token of affection and love, as well as spending more time with loved ones who are rarely seen.
But it is also a special season for cybercriminals, as they take advantage of these shopping days to intensify their phishing attacks, ransomware, and even dropping malware into emails. During this time of frenzied shopping for the perfect or last minute Christmas gifts, cyberattacks are intensified. According to Check Point Software, cybercriminals are taking advantage of online shoppers distracted by specials to launch phishing campaigns and lookalike fake websites. From mid-October to mid-November, Check Point Software has seen the number of incidents involving these fake sites reaching close to 15 000 in the US alone. Even more concerning, 4% of all new shopping-related websites since the beginning of November were found to be malicious.
Check Point Software Technologies, a global cybersecurity specialist provider, wants to raise awareness among online gift shoppers to be cautious at all times and take the necessary precautions.
According to Check Point Software’s Brand Phishing Report Q3 2022, Phishing is also a major player in Internet scams, and in the last quarter, DHL, the parcel delivery company, was the most impersonated company setting up shoppers for cybercrime. At a time when online shopping is stronger than ever, it is necessary to be especially careful with messages from such invitations for amazing offers.
In order for people to be able to shop securely and without any mishaps, Check Point Software wants to provide some tips for a safe and secure shopping experience:
- Always buy from an authentic and reliable source: always look for the link in the search engine you use, never click on links sent to you by e-mail or text message, as they are potentially dangerous because many cybercriminals try to phish through these channels.
- Be aware of similar domains: cybercriminals will always try to make the domains they create for the pages they imitate look as similar as possible to the original, but they will always have some spelling mistakes, or the domain name will be misspelled. So, by paying close attention to such spellings, we will be able to avoid future problems.
- Offers that seem too good to be true will always be too good to be true: if an offer is too good to be true, it is probably a scam, even more so at this time of the year when there are usually no big discounts. Do not get carried away by surprisingly low prices.
- Always look for the lock: secure Internet sites have the letters HTTPS at the beginning of the domain, as opposed to those that are not, which have HTTP without the final ‘s’. HTTPS sites are those that comply with international security standards.
- Have endpoint security solutions in place: it is necessary to have them for the email as well as for websites when we surf the Internet, since they can prevent the spread of such malware to the rest of the equipment or computers.
- Always be on the lookout for password reset emails: companies will never ask you to reset your password unless you have requested it yourself, so if you receive an email asking you to change your password, the best thing to do is to go to the company’s website and change your password from there.
“We all want to have a smooth Christmas, buy gifts for ourselves and our family and friends and have a peaceful vacation, but cybercriminals do not take vacations and that is why you have to be very cautious, even more so at this time of year,” says Charnie-Lee Adams-Kruger, Country Manager for South Africa at Check Point. “Cyberattacks, as our reports point out, continue to increase, especially more so around such special holiday seasons such as Christmas. Both ransomware and phishing are the order of the day for companies and individuals, so no one is exempt from danger.”