Shopping online is efficient and convenient, especially during the holiday season when malls are packed with frantic shoppers. Unfortunately, while shoppers hunt for great bargains and huge discounts, cybercriminals are out to shop around for victims as well. And as the shopping season rolls around, phishing sites are expected to take advantage of the holiday rush. Phishing is a popular online ploy used to steal credentials and payment information, usually via spoofed websites that are designed to look legitimate or nearly identical to the original, making it hard for users to detect bogus sites.
Phishers do not discriminate. They are interested in credentials used to access sites that online shoppers frequent, compromising personally identifiable information (PII), potentially leading to data theft. Online scammers and data thieves looking to fill their phishing carts score the best “deals” by knowing where to look. This holiday season, it is expected that they will target shoppers looking for in-demand gift items such as popular electronics, toys, and video games.
Last year, online shoppers were the target of “Operation Huyao,” a crafty phishing scheme that operated under the radar by using letting its victims browse the original website's content. Potential victims are only led to a phishing page to steal payment information once it's time to check out and purchase an item. When the shopper finally makes the transaction, the victim even gets a confirmation message of a successful transaction to make it look legit.
Once an individual’s personal data is compromised, the attacker can sell the information, steal one’s identity, steal funds, or hijack other contacts for future phishing targets.
Learn how to spot and avoid phishing scams:
If you find out that you got hooked by a phishing scam, immediately change passwords and PINs on all of your accounts. Alert your card issuers that you suspect a fraudulent activity on your account.
The excitement and chaos of online shopping during the holidays can make shoppers more vulnerable to various online schemes. Aside from practicing the tips above on online shopping, it is recommended that you keep your operating systems and security software up-to-date. Trend Micro’s Smart Protection Network actively identifies and blocks spam and phishing emails and sites before they reach end-users.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.