Cape Town – As more South Africans consider buying online during the shopping season, the online criminal playbook is in full swing trying to separate consumers from their cash.
According to security firm Kaspersky Lab, the year 2015 was characterised by a number of financially motivated cyber attacks and the company said increased internet access will expose more people to cyber crime.
“As for South Africa, we see a decrease in internet pricing from internet service providers and more affordable mobile data plans being available. Therefore, we are likely to get an increase in online users together with an increase in the number of attacks targeting their financial and personal data on mobiles and PCs,” said Dirk Kollberg, senior security researcher on the Global Research and Analysis Team at Kaspersky Lab.
Criminals use a variety of strategies that internet users should be able to spot, says a security professional.
“Phishing emails are often used by cybercriminals trying to steal your money and data, and this is especially true during the holiday season,” said Carey van Vlaanderen, chief executive of Eset.
Social engineering tricks
Phishing is a strategy where an email contains a link to a fake website designed to steal user financial information and has proved effective.
Kaspersky recently revealed that 51% check the authenticity of a site before making a payment.
“Pay close attention to any spelling and grammatical errors in the body of the email, and also look at the sender’s email address. If you don’t recognise the sender or did not sign up for emails from that address, do not respond,” Van Vlaanderen advised.
Eset also warned against social engineering tricks such as Vishing - voice phishing - where scammers call and pretend to be a company official.
“They might pretend to be a bank, a big tech company, a reputable retailer or – as is often the case – a Microsoft support engineer asking for access to the user’s computer,” said Van Vlaanderen.
“Most people have cottoned on to these attacks, but they haven’t gone away completely with criminals increasingly using this method to target elderly and other vulnerable people,”
She added that the best course of action was to never hand over financial details on the phone, and instead hang up and call the company back through official channels, not via the number used to call you.
Many people are using social media to sell items online, but prospective buyers should beware of “too good to be true” deals.
“During the holidays, make sure that you are careful on what links you click on and where you buy products. Pay particular attention to tweeted deals that look too good to be true with shortened links (as they might try to lure you to a malicious website),” said Van Vlaanderen.
She added that users searching for deals online should only transact with sites that employ “https” in the address bar and punters should avoid search engine ads.
“Ad servers are regularly being breached by criminals, who then misdirect people who click onto malicious sites where they try to steal credentials or infect users in a drive-by-download attack,” Van Vlaanderen said.
She added that internet users should also be wary of coupons or vouchers offered online as criminals may easily duplicate brands in order to trick people into giving up their financial information.
“If there is any doubt over the coupon’s authenticity, check official retail store websites, and above all remain level-headed,” she added.
- Follow Duncan on Twitter