50 Million Cyber Attacks Will Occur this Holiday Season
‘Tis the season to be scamming.
Across the globe, consumers can expect over 50,000,000 cyber attacks to occur this holiday season, per a press release from the UK-based IT group, Dimension Data. The average consumers will lose between $50 to $5,000 per incident. That’s quite a range.
E-commerce is booming, people have more access to the internet than ever these days and retailers have realized that traditional brick and mortar stores now come second to online storefronts in most people’s mind. Granted, some people actually enjoy being among the holiday crowds at a busy shopping mall, personally, I’d rather self-immolate.
This year should be particularly bad. According to NTT Security’s quarterly Threat Intelligence Report, phishing is up 74% – with over 1.4 million new phishing sites created each month.
That’s staggering.
Mark Thomas, a Security Strategist for global IT group, Dimension Data, says:
“Over the next six weeks, we’ll see an increase in email phishing campaigns, ransomware attacks, banking trojans, as well as the emergence of fraudulent websites that promote special deals such as discounted holiday packages. Fraudulent gift cards, which may take you to an untrusted site or allow a download of a file to your computer that could compromise your device, will also become more prevalent.”
One of the things that make these phishing attempts more believable – and something that we’ve admittedly been harping on – is the fact that hackers can easily procure a DV SSL certificate, install it and get their website marked “Secure” in Google Chrome. Critics will point out that these sites typically only stay open for a few hours and the risk is minimal, but that doesn’t change the fact that while they are operating the presence of the DV indicator makes them more effective.
Then when you factor in that with some HTTPS interception tools and certain firewalls, legitimate websites are having their EV indicator stripped and you’ve got a legitimate problem.
Fortunately, Dimension Data has some tips for staying safe this holiday season:
-
Never use public Wi-Fi when making online purchases
-
Never open e-mails, click on links, or open attachments from unfamiliar sources
-
Ensure you download legitimate applications from known, trusted sources onto your devices
-
Never share your user names, passwords, or other personal information online
-
Use a password management system which allows you to securely store and manage all your credentials from a single location
-
Be wary of unsolicited emails that promise exciting offers, and don’t open the attachments
-
Look out for the visible padlock icon on your browser to confirm encryption.
-
Use your credit card rather than debit card, and don’t store your card details online
-
Ensure that your anti-virus and operating system patches on your mobile, tablet, laptop, and PC are up to date
-
Check your bank statements often and immediately report unauthorised or suspicious charges to your bank
If you’re looking for something more expansive, here’s a complete guide on how to spot a fraudulent website. I recommend giving it a read. I hear the writer is pretty handsome, too.
What we Hashed Out (for Skimmers)
Here’s what we covered in today’s discussion:
- This holiday season over 50-million cyber attacks will occur
- Phishing was up 74% in Q3 2017, with 1.4 million new sites made each day
- SSL certificate are aiding in the efforts to phish by getting sites labeled “secure” in Google Chrome
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
in Hashing Out Cyber SecurityHow to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
in Everything EncryptionRe-Hashed: How to Fix SSL Connection Errors on Android Phones
in Everything EncryptionCloud Security: 5 Serious Emerging Cloud Computing Threats to Avoid
in ssl certificatesThis is what happens when your SSL certificate expires
in Everything EncryptionRe-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
in Hashing Out Cyber SecurityReport it Right: AMCA got hacked – Not Quest and LabCorp
in Hashing Out Cyber SecurityRe-Hashed: How to clear HSTS settings in Chrome and Firefox
in Everything EncryptionRe-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
in Everything EncryptionThe Difference Between Root Certificates and Intermediate Certificates
in Everything EncryptionThe difference between Encryption, Hashing and Salting
in Everything EncryptionRe-Hashed: How To Disable Firefox Insecure Password Warnings
in Hashing Out Cyber SecurityCipher Suites: Ciphers, Algorithms and Negotiating Security Settings
in Everything EncryptionThe Ultimate Hacker Movies List for December 2020
in Hashing Out Cyber Security Monthly DigestAnatomy of a Scam: Work from home for Amazon
in Hashing Out Cyber SecurityThe Top 9 Cyber Security Threats That Will Ruin Your Day
in Hashing Out Cyber SecurityHow strong is 256-bit Encryption?
in Everything EncryptionRe-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
in Everything EncryptionHow to View SSL Certificate Details in Chrome 56
in Industry LowdownPayPal Phishing Certificates Far More Prevalent Than Previously Thought
in Industry Lowdown