Retailers are expecting a crush of online traffic this Cyber Monday, as holiday shoppers flood e-commerce sites on the Monday after Thanksgiving. But watch out for phony offers and online scams: a wave of spam raises the risk of credit card fraud and malware attacks.
At SophosLabs, we’ve already seen spam emails targeting shoppers ahead of Black Friday and Cyber Monday. Chet Wisniewski, Sophos Senior Security Advisor, writes at Naked Security that if a deal “sounds too good to be true, it probably is.”
According to Chet, you should watch out for malicious links and attachments in spam. Never open attachments in spam messages claiming to be shipping notifications, Chet advises: they are delivering banking Trojans like Zeus (ZBot), and infecting victims with Cryptolocker ransomware.
The Ponemon Institute’s 2013 eCommerce Cyber Crime Report contains further warnings for businesses: the likelihood of a website attack is dramatically increased on Cyber Monday, especially DoS (denial of service) attacks. All told, 64% of businesses surveyed say they have seen an increase in scams or attempted website attacks on high-traffic days including Cyber Monday.
The cost of a website attack underscores the importance of security for websites: up to $3.4 million in lost business for every hour e-commerce sites are down, Ponemon reported. Unfortunately, the report finds that businesses have little insight into threats against them: two-thirds say they do not take special precautions to ensure availability and integrity of their websites.
Meanwhile, the FBI issued a fraud warning to consumers. Special Agent in Charge Marlon Miller of the U.S. Department of Homeland Security advised consumers to be conscious of the price, location, and quality of seasonal offerings. “Substandard quality, prices far below retail, and goods being sold at suspicious websites or at locations not ordinarily associated with a particular brand should set off red flags to the consumer,” Miller said.
Our experts advise everyone to be extra cautious when opening emails:
- Don’t click links in emails
- Don’t open attachments you aren’t expecting
- Don’t believe online promotions that are too good to be true