Don't let your Christmas shopping be a gift for cyber-crooks

According to CyberSource, fraudulent online transactions are growing at a rate of 20% per year, and in 2007 cyber-crooks benefited from these operations to the tune of US$3,6bn dollars**.

“Among the most dangerous threats to users over the Christmas period are banker Trojans,” says Jeremy Matthews, head of Panda Security's sub-Saharan operations. “These malicious codes are designed to steal confidential data such as banking passwords and account numbers and make this information available to criminals who can then steal money directly from users. This type of malware accounted for 20% of all new malware that appeared during 2008.”

Matthews cites phishing as being another type of fraud that users must be on the lookout for. These attacks use emails that appear to come from financial institutions and other reputable organisations but really redirect users to spoof web pages where they are prompted to enter their bank details. Fake online stores, which are also normally designed to steal users' bank details, represent another common threat. They often offer products at incredibly low prices to attract potential victims.

“During the festive season, you should also be on the lookout for spoof greetings cards created to distribute malware as well as infected P2P downloads and fake online auction offers,” says Matthews.

To help prevent users fall victim to online fraud, Panda Security has drawn up a list of practical tips to bear in mind when shopping online:

Keep your computer free from threats

Before carrying out an online payment, make sure your computer is not infected by viruses, Trojans, etc that could steal your credit card details or passwords. Make sure you have an antivirus installed that can detect all types of threats, and keep it up to date.

Only visit secure websites

If you are going to make an online payment, make sure the Web page is secure. Check that the address in the browser's address bar starts with “https”. In addition, a small closed padlock icon must be displayed in the status bar of the browser.

Investigate

Before buying something from an online store, make sure the company is reliable. Do what you would do in real life: get the opinion of other customers. On the Internet, this is as simple as typing the name of the store in a search engine and checking the opinion of other buyers. If it is bad, don't buy there.

Get a second opinion

Even if you have an antivirus, make sure your computer is genuinely clean by getting a second opinion. Visit Infected or Not (http://www.infectedornot.com) and run a free scan of your computer with Panda ActiveScan 2.0, capable of detecting even threats that have evaded detection from traditional antiviruses.

Trust your instinct

Beware of bargains. If something looks too good to be true, it probably is too good to be true. Follow your instinct and if something looks like a fraud, don't buy it. Rather miss out on a ‘bargain' than to lose your money.

Panda Security has made available a guide to safe online Christmas shopping, explaining the main threats and how shoppers can protect themselves. You can download it from: http://www.pandasecurity.com/emailhtml/Guide_for_secure_Christmas_shopping.pdf.

* http://www.forrester.com/ER/Press/Release/0,1769,1233,00.html
** http://www.internetretailer.com/internet/marketing-conference/43240-e-payment-fraud-reaches-36-billion-2007-or-14-sales-study-says.html