UPDATED 08:34 EDT / DECEMBER 22 2010

Scammers get in the Holiday Spirit Too: Safety Tips from Commtouch

Email marketing has been huge for years, and it’s not going anywhere, despite the increased social networking activity, marketing campaigns, or mobile shopping and search tools.  It’s because no matter what, things always seem to circle back to email–it’s still our central station for the majority of our digital communications, be it with friends, family or a local restaurant.

As holiday shopping sends more consumers online, many brands are turning to email marketing–newsletters, etc.–to communicate more directly and in a personalized manner with their customers.  This means scammers are targeting you via email as well.  Lacing their malware emails with holiday greetings, there’s a definite threat that occurs for web users, and this time of year harks for particular care around safety.  Below is a brief interview with Rebecca Steinberg Herson, VP of marketing at Commtouch, discussing the dangers, pitfalls and safety tips for web and mobile email.
When it comes to the holiday season, online security is heightened due to increased shopping behavior.  What are some of the big trends you’ve seen this holiday season, and how do they compare to previous seasons?

Around the holiday season we often see an increase in spam, online scams, and identity theft.  Spammers make the most of the holiday season with social engineering by adding a holiday message to their scams. For example, a promotion for a sexual enhancer would say “Make your partner go wild for Christmas.”

This holiday season, people are moving a lot of their purchasing online, and search engine poisoning has become a growing risk.
Cybercriminals will take very popular search terms and build up a system where they “game” the search engines, putting in pages containing malware that will automatically download. For example, if you want to buy your mother a scarf for the holidays – if this is a word that malware distributors have chosen to poison – you could end up with one of your search results be something that you didn’t bargain for.

Malware distributors are looking for where people are going and where they can catch the most people in their web of threats. Scammers may also choose misspellings of popular stores, such as Sears, Abercrombie and Fitch, and poison those search terms.  We also are seeing a lot more malware and phishing attempts through social networks like Facebook and Twitter. Of course, this makes perfect sense for malware distributors because that is where the target market is.

What services do you provide to businesses and shoppers?

Commtouch doesn’t provide services directly to end customers. However our messaging security, web security and antivirus technology powers the solutions of various providers. For example, Google has incorporated Commtouch’s Command antivirus into its email service, and Incredimail is using our antispam technology. Commtouch web security technology powers many of the toolbars that tell you that you if the website you are looking at or searching is are safe.

What’s the most important method of educating consumers during the holiday season?

The most important method of reaching consumers is to ensure they read publications like Silicon Angle.

What are some big takeaways moving beyond the holiday season?

Don’t click on links that look suspicious. Before you click, mouse over the link to make sure the link appears to match the link displayed on your page.
Phishers will write a link that looks legitimate, but the mouse over gives a totally different URL.
When using social media, do not accept friendships with people you don’t know, and ensure that your privacy policy is set such that only friends can see details about you.
Facebook is the perfect location for identity theft. It’s usually possible to find information like your birthday, your mother’s maiden name, and where you were born. For example, if your bank is using a secret question containing any of that information, you must be extra vigilant about who can access this data.

Even if your friends send an email or post on your wall recommending a specific product or shopping site, again, inspect the link. Their email or Facebook accounts may have been hijacked.  Purchase only through sites that you know are reputable and visit them by typing the name directly into your browser, rather than clicking a link.
We often see hijacked accounts used to send out “distress” email as shown below.  Before you wire money to some troubled friend or acquaintance, it’s worth checking that they are actually travelling.

Anything for mobile security?
Phones are turning into little computers; you can do almost anything on a mobile phone that you can on the laptop, but without the protection. It is very difficult to run an antivirus on your cellphone; the amounts of memory available/resources it takes to run most antivirus solutions are quite high.  It is just a matter of time before viruses specifically target mobile phones.
One problem is that many websites are not yet designed to appear “normal” on a cellphone, so a user may expect discrepancies in displays on the phone. Unfortunately, that “abnormal” site may not be the site you think and opens you up to phishing or malware installation.
Because of the security features (or lack of them) on a mobile phone, it is much easier to collect your personal data once the cybercriminal has accessed your phone.

[image credit b2b marketing]


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU