Cyber criminals threaten to dampen New Year celebrations
December 28, 2009
Shopping online for a New Year gift? Or clicking on that New Year e-greeting link? Be careful this time around as cyber criminals armed with a new set of Web threats, including viruses, spam and cyber-scams, would be on the prowl to trap gullible Internet users, reports PTI.
Hackers use their best schemes during holidays to steal people's money, credit card or net-banking information. Following seasonal trends, these thieves create holiday-related websites and other convincing emails that can trick even the most cautious Internet user, say experts.
"Spam and phishing attacks usually see a surge during this time of the year as an increasing number of people use the Internet to shop, send e-cards, greetings or even simply surf. Cyber criminals take advantage of increased traffic online to send spam and manipulate search engines in order to draw victims to their websites," Roger Thompson, chief research officer of security software maker AVG Technologies said.
In the run-up to New Year, shoppers often fail to check the authenticity of websites which claim to offer gifts at throwaway prices before simply vanishing a few weeks later, he said.
According to a recent report by online market research company Juxtconsult, the burgeoning online landscape has a population of 49 million Internet users in India; out of which 44 million use emails and close to 25 million browse the Internet every day.
With the advent of the holiday season, the density of online shopping and Internet usage goes up manifold and so do online security threats, a spokesman for software manufacturing giant Microsoft said.
Before a consumer enters his credit card number, he should make sure that the company website requires only personal information like card number, address and telephone number to complete the purchase. They should be wary if the site asks for other information such as bank account numbers, or their mother's maiden name, etc, said the spokesman.
Observing that most of the Web threats are carried out through emails, Rakshit Tandon, a cyber security consultant with the Internet & Mobile Association of India (IAMAI), warned about fake New Year e-greeting cards.
"When you load that e-card, a malicious code enters your computer compromising your security. They might hijack your computer and install a key-logger into it, through which whatever you type into your computer would be seen by the attacker. So you lose all your privacy and even passwords," he said.
On any given day, AVG estimates that around 8 to 14 million unique users worldwide are exposed to social engineering scams. "More troubling is the speed with which these threats take place. Our research shows that an average of 60% of poisoned websites disappear in less than 24 hours," Mr Thompson says.
"Users cannot assume that the pages they know and visit everyday are safe from threats to their personal and financial well-being. Increasingly, it is legitimate websites, compromised by criminals, that pose threats," he added.
Charity-phishing scams in which hackers dupe unsuspecting citizens by taking advantage of their generosity during the festive season is also a major threat. "Charity-phishing scams will be bigger this time. Hackers send emails that appear to be from legitimate charitable organisations. They also create fake Web pages and the poor user ends up giving them his credit card information or net-banking password," said Mr Tandon, who also works with the cyber complaint redressal cell of the Uttar Pradesh police.
Hackers are also sending out fake mails saying that the person's bank is doing a security upgrade during New Year and request him to update his personal information through a false Web link.