Once you're done with turkey and pumpkin pie, prepare yourself for an
onslaught of tainted Web links and viral attachments, deployed by
cybergrinches to take over control of your computing device.
malicious digital gifts will come at you in e-mail, social media
postings and search results -- decorated like greeting cards, coupons,
shipping documents and other innocuous bits of info. Brett Stone-Gross,
researcher at Dell SecureWorks, supplied CyberTruth with these dozen
tips for making it harder for the bad guys to spoil your holiday good
- Be wary of holiday gift cards, holiday coupon offers, holiday
cards, photos, etc., sent via e-mail. These often have malicious links
within the offer which lead to downloads of info-stealing Trojans or the
hackers try to scam you out of your bank account information.
the actual Web address of the retailer you want to visit into your
browser. Do not follow links provided by e-mail offers or pop up ads.
Many times these are fraudulent sites made to look like the legitimate
- Avoid using debit cards to
do online purchases when possible so as to limit your personal exposure
to any possible fraudulent transactions. Use a credit card that limits
your fraud liability
- Always look at your
Web browser for the https (as opposed to http) protocol that proceeds a
Web address. The "s" let's you know that the website is providing a
layer of security for transmitting your personal information over the
- Be wary of unsolicited e-mails,
even from senders that you know, that include links or attachments.
Before clicking on links or attachments, try to verify the authenticity
with the sender.
- Be especially cautious of clicking on links posted on social
networks and micro-blogging sites. Shortened URLs make it easier to
share, tweet or email links, but they also create a security threat, as
it easy to disguise the destination of the malicious links.
that your browser, browser plug-ins, anti-virus, and other software are
patched and up-to-date. Patch management is key. It is critical that as
soon as the patches become available that you install updates for your
applications and for your computer's operating system.
a dedicated computer for any online banking and bill paying. That
computer or virtualized desktop should not be used to send and receive
e-mails or surf the Web, because web exploits and malicious e-mail are
two of the key malware infection vectors.
your banking statements on a regular basis with online banking and/or
credit card activity to identify potential anomalous transactions that
may indicate account takeover.
cautious about installing software (especially software that is too good
to be true - e.g., download accelerators, spyware removal tools), and
be wary of pop-ups from websites asking users to download/execute/or run
otherwise privileged operations. Often, the "free software" and pop-ups
have malware embedded.
- Be wary of
e-mails notifying you that your banking certificate or token is out of
date and to download a new certificate or token. Before taking any
action, verify with your financial institution by calling them on a
number that is not provided in the email.
- Avoid using weak or default passwords.