Welcome to day four of our Christmas CyberSecurity Tips – today our tips relate to Spam and Pharming:
Spam
Spam, spam, spam, spam… spam, spam, spam, spam…
If you’ve ordering any of your Christmas gifts online, you may find yourself receiving even more unwanted emails than usual. Vendors stand out emails to get you back when you order, and when you abandon a shopping cart (if they can identify you)… and when you get more emails, you might not notice a malicious spam message in the mix.
We all get spam sent to us, and although it’s not always something to worry about, it can be used to send you malware, or links to malware.
TorrentLocker is a member of the crypto-ransomware family, and it is just one of the types of malware that has been spread via spam emails from what might at first appear to be legitimate-looking companies.
Christmas CyberSecurity Tip #7: Don’t just rely on your email provider to filter out spam malware – make sure your anti-malware solution has a spam filtering service as a second scanner. Most anti-malware vendors have a product that offers MORE than their basic antivirus. Typically these types of spam filtering features are found in the mid to higher products offered by vendors.
Pharming
Like phishing, pharming is a type of online fraud but doesn’t require you to click on a bogus link sent via email. Instead, a malware system might sit relatively dormant on your computer until you visit your online bank. At that point, your request is redirected to a ‘look-a-like’ site, where you are prompted to enter your credentials.
This year, up to 40,000 Tesco Bank users became victim to pharming attacks and 20,000 had their money stolen by a cybercriminal enterprise which used a ‘banking trojan’ know as Retefe. Although Tesco Bank users were a major target, other banks were also targeted by the same cybercriminals.
We share the details of the attack and other websites targeted in one of our features published this November.
Christmas CyberSecurity Tip #8: If you see ‘certificate errors’ – check your computer carefully. You should not expect to see such errors, or be asked to install certificates to view a website. Run a quality antimalware solution and update it regularly.