Security software vendor Panda Security is offering up some simple online shopping tips for consumers looking to dive into the holiday shopping season this week without losing either their identities or their hard-earned cash.
The combination of the proliferation of mobile devices and the number of etailers offering Black Friday deals online, cybercrooks are ready to pounce. According to Panda Labs, 66 percent of identified malware threats are Trojans embedded in unsolicited emails or tucked away in otherwise innocuous-looking websites that are specifically designed to steal users' most sensitive data.
"Cybercriminals know this Friday and Monday are two of the biggest shopping days of the year, and Americans are going to be sharing tons of sensitive data online during this period," Sean-Paul Correll, a threat researcher at PandaLabs, wrote in the report. "Its more important than ever for shoppers to follow best practices to avoid infecting their computers or turning over their private information into dangerous hands."
Ecommerce spending during this year's holiday season is expected to surge to more than $38.5 billion, according to online marketing and consulting firm eMarketer, up 14.3 percent from last year's frantic online buying season.
This isn't news to shoppers who love the convenience of browsing and purchasing gifts from their PCs and mobile devices and it's even less of a surprise to online thieves who have devised numerous scams to separate consumers from their cash.
Just to be on the safe side, researchers at Panda Labs have created the following list of six ways Internet shoppers can at least minimize their exposure to sophisticated online security threats:
1. Beware of Google results of "deals."
Online crooks are especially proficient at creating bogus sites and links for those searching for that great bargain. Blackhat search engine optimization schemes peak between Thanksgiving and Christmas, focusing on keywords, such as "sale," "deal," and any number of hot holiday products that consumers want.
Instead of blindly punching away on a search engine, security experts advise shoppers to go directly to reputable sites that they've used before and to always pay close attention to the URLs they visit before entering any credit card information.
2. Don't click on that link.
In general, avoid any unsolicited emails advertising special discounts that pop up in your email account. Some of the more sophisticated malware campaigns are attaching themselves to popular brands in the hopes that unsuspecting victims will throw caution to the wind in their pursuit of a deal.
3. An ounce of prevention is still a better deal than a pound of cure.
It seems simple, but many holiday shoppers are still not wise to the ways of antivirus and antimalware prevention tools. Take a minute before shopping and make sure the operating system powering your PC or mobile devices has the latest updates and patches to ensure the best possible ground-level security.
It's also worthwhile to update popular apps used for shopping like Adobe Flash and Java to rid your devices of any unwanted bugs and viruses.
4. Assume the worst.
Despite all the warnings and publicity accompanying online fraud and identity theft, most Internet shoppers still underestimate the lengths to which cybercrooks will go to steal their most pertinent information.
"If youre unsure if a site is legitimate, run a search online to see if you can determine whether its widely known," Panda Labs researchers advise. If you cant find the details you're looking for, it might be best to move on to another site.
5. SSL/https is your friend.
Thankfully, some browsers like Explorer and Google Chrome will turn the address bar green to let you know if a site is secure enough for transactions. Pay attention to the sites you browse and purchase from to see if they offer SSL protection. Most will have a padlock icon on the bottom corner of the browser or in the address bar to let you know it's safe to proceed.
6. Don't be cheap. Renew your AV subscription.
Self-serving as it may seem, security software vendors universally agree the minimum responsibility of online shoppers is to install and update their core antivirus application to weed out the garden-variety threats that most online crooks rely on to steal your credit card and login credentials.
Get security tips; follow eSecurityPlanet on Twitter @eSecurityP.