Information Security Today Home

New Books

Information Security Management Handbook, Sixth Edition
How to Achieve 27001 Certification
The Terrorism Recognition Handbook

Hackers Scamming Online Holiday Shoppers

from SecureWorks

Atlanta, GA - November 26, 2007: With Cyber Monday and the Holiday Shopping Season in full swing, SecureWorks has seen foreign and domestic hackers and scammers gearing up for scams related to the post-Thanksgiving Day commerce. Traffic has been especially heavy on the hacker forums where hackers arrange these scams. SecureWorks has seen a big increase in that type of chatter on forums in the last 30 days, and the rate of increase all coincide with the timing of Cyber Monday.

Some examples of the latest and most sophisticated scams that are likely kicking into high gear this week surround the free coupon and free gift cards. Some of the spam templates SecureWorks has recovered from spambot C&C (command-and-control) servers include lures to malicious Web sites that offer coupon codes or free gift cards for many of the large and small retailers. In one scam, the hacker group behind it discusses how the low dollar amount or pecentage can make the offer seem more credible. That is, they're saying it doesn't appear "too good to be true."

Types of Holiday Hacker Scams
Free Gift Cards: Despite that reasoning, greed still works. Instant messaging and social networking spam is being used to phish people by saying they can sign up for a program or verify their identity as a winner, getting $500 gift cards in return. Researchers reported some of the gift card scams that have been running on MySpace in mid-November. We expect those types of scams to increase during the holidays.

Spyware Targeting Specialty Retail and Restaurant Sites
Spyware is also a huge concern with so many people performing actions such as paying for gift items, and, let's face it, transferring money out of savings using the Internet. Recently, we have seen a lot of discussion on the hacker forums about placing iFrames on smaller, specialty retails sites and restaurant sites, in hopes to infect as many visitors to those sites with malware as possible. The smaller sites might not have an internal IT security department to keep tabs on their site to make sure that they donít fall victim to these scams. All days are risky, but SecureWorks see indicators that Cyber Monday and the remaining Holiday Shopping Season will call for extraordinary vigilance. Convenience is paramount when it comes to holiday shopping. However, it is easy to miss larger discrepancies on your bank or credit card statements. For the finacnial institutions and retailers, many of the fraud detection systems will have to deal with extraordinary purchases and more shipments to addresses other than the billing address. It's easy to let your guard down in these situations.


About the Author

With over 2,000 clients and 10,000 devices managed and monitored, SecureWorks has become the leading Managed Security Services Provider safeguarding more organizations than any other vendor. Positioned in the Leader's Quadrant in Gartner's Magic Quadrant for MSSPs, SecureWorks provides the most effective security services by leveraging our integrated security management platform, advanced security research, and 100% GIAC certified experts. SecureWorks' full breadth of security services, encompassing security management, security monitoring, self-service security and professional services, are designed to meet the needs of Fortune 100 companies with large security teams as well as smaller companies with no security expertise. In addition, SecureWorks has helped companies pass over 2,400 compliance audits by providing comprehensive and straight-forward board and examination reports. The combination of advanced technology, industry-leading threat visibility and expert team of security professionals make SecureWorks the clear choice for organizations seeking to enhance their security posture and improve compliance with industry regulations.
 
Subscribe to
IT Today






Powered by VerticalResponse

Share This Article

Mixx it digg


© Copyright 2007 Auerbach Publications