Byron Acohido, USA Today
One you're done with turkey and pumpkin pie, prepare yourself for an
onslaught of tainted Web links and viral attachments, deployed by
cybergrinches to take over control of your computing device.
malicious digital gifts will come at you in e-mail, social media
postings and search results -- decorated like greeting cards, coupons,
shipping documents and other innocuous bits of info. Brett Stone-Gross,
researcher at Dell SecureWorks, supplied CyberTruth with these dozen
tips for making it harder for the bad guys to spoil your holiday good
- Be wary of holiday gift cards, holiday coupon
offers, holiday cards, photos, etc., sent via e-mail. These often have
malicious links within the offer which lead to downloads of
info-stealing Trojans or the hackers try to scam you out of your bank
- Type the actual Web
address of the retailer you want to visit into your browser. Do not
follow links provided by e-mail offers or pop up ads. Many times these
are fraudulent sites made to look like the legitimate retail sites.
using debit cards to do online purchases when possible so as to limit
your personal exposure to any possible fraudulent transactions. Use a
credit card that limits your fraud liability
look at your Web browser for the https (as opposed to http) protocol
that proceeds a Web address. The "s" let's you know that the website is
providing a layer of security for transmitting your personal information
over the Internet.
- Be wary of
unsolicited e-mails, even from senders that you know, that include links
or attachments. Before clicking on links or attachments, try to verify
the authenticity with the sender.
- Be especially cautious of clicking on links posted on social
networks and micro-blogging sites. Shortened URLs make it easier to
share, tweet or email links, but they also create a security threat, as
it easy to disguise the destination of the malicious links.
that your browser, browser plug-ins, anti-virus, and other software are
patched and up-to-date. Patch management is key. It is critical that as
soon as the patches become available that you install updates for your
applications and for your computer's operating system.
a dedicated computer for any online banking and bill paying. That
computer or virtualized desktop should not be used to send and receive
e-mails or surf the Web, because web exploits and malicious e-mail are
two of the key malware infection vectors.
your banking statements on a regular basis with online banking and/or
credit card activity to identify potential anomalous transactions that
may indicate account takeover.
cautious about installing software (especially software that is too good
to be true - e.g., download accelerators, spyware removal tools), and
be wary of pop-ups from websites asking users to download/execute/or run
otherwise privileged operations. Often, the "free software" and pop-ups
have malware embedded.
- Be wary of
e-mails notifying you that your banking certificate or token is out of
date and to download a new certificate or token. Before taking any
action, verify with your financial institution by calling them on a
number that is not provided in the email.
- Avoid using weak or default passwords.