Cybercriminals are preparing for ‘Cyber Monday'.
Paul Judge, co-founder and chief technology officer of web security firm Purewire, told SCMagazineUS.com that the number of people that are going to be online Monday with their credit cards sitting next to their keyboard ‘is really a numbers game'.
In preparation for a major worldwide online shopping day, Judge claimed that cybercriminals are registering new domain names, purchasing advertisement space and creating user profiles on social networking and e-commerce sites to host malicious content and lure users into clicking on it in preparation.
Judge said: “With a fake commerce site, you don't need to steal a user's information, they will hand it over to you.”
Derek Manky, security researcher for Fortinet, warned users of ‘too-good-to-be-true' spam advertisements designed to lure bargain shoppers. While researchers at Marshall8e6's threat labs are also expecting threats that prey on shoppers' need for a good deal because of the economy.
Mark Parker, senior product manager at Marshal8e6, predicted that threats will likely come in the form of phishing emails with fake coupons in them, and posts to message boards with malicious links.
He warned that when chasing the better deal online, users should not compromise the quality of the vendor, experts said. The safest route is to stick with reputable brands and vendors. He also warned enterprises to remind employees to use good practices when shopping on the internet, have a solution in place to block malicious code and phishing emails, run reports and monitor user activity.
Parker said: “Judge said organisations should have an anti-virus solution in place that scans web traffic, not just one that runs on a mail server or an individual's computer. Enterprises without the proper security measures in place should consider locking down access to personal sites until the network is better safeguarded.”