SonicWALL Releases Top 9 Tips to Protect Against Online Threats, Scams and Frauds this Holiday Season

1.  Purchasing and payments: This is a big one! Phishing for additional personal information such as your credit card number is common during the holidays. Phishing threats posing as communications from retailers like Amazon.com, eBay or PayPal will notify you that they "were unable to process your credit card transaction" or need more details to process your transaction. Be sure a site is secure and reputable before providing your credit card number online. Don't trust a site just because it claims to be secure*.

There are two general indications of a secured Web page:

A)  Check the Web page URL

Normally, when browsing the Web, the URLs (Web page addresses) begin with the letters "http". However, over a secure connection the address displayed should begin with "https" - note the "s" at the end.

B)  Check for the "Lock" icon

There is a de facto standard among Web browsers to display a "lock" icon somewhere in the window of the browser (NOT in the web page display area!)  For example, Microsoft Internet Explorer displays the lock icon in the lower-right of the browser window.

2. Holiday offers from your favorite retailer: Each year, anticipated holiday offers from spammers increase. Consumers may find "Special Shopping Offer" or "Special Discount" spam campaigns in their inboxes. But those may have nothing to do with a holiday bargain. Be aware that this may be a drive-by Trojan download. Never purchase anything advertised through an unsolicited email*. Ensure that the offer you receive is legitimate by double-checking with the Web site of your favorite retailer. If you do respond to a legitimate offer, use a primary email address for people you know and get yourself a secondary address for all other purposes. Never respond to suspicious offers, as this will confirm to the sender that your email address is "live."

3.  Social media threats: Social media applications are top destinations to browse. With access to Facebook and MySpace now accessible via mobile devices, consumers are easily able to upload and share photos and other online information. Be on alert when you get "nudges" and suggestions from "friends" to view pictures, receive special holiday "offers" or invitations to play "games." You may become the victim of a malware or a phishing threat. Also, be aware that phishers are using social media for spam related purposes as spammers are looking to attract names. Change your Facebook privacy settings and configure them to meet your needs; you never can be careful enough about who views your information.

4.  Discounted gift cards: With cash-strapped consumers looking at their wallets this holiday season, discounted gift cards may seem like an attractive gift option for stocking stuffers. Before you make your purchase, however, be sure that the Web site and the discounted offer are legitimate. Check with the retailer and use PayPal when making your purchase. If the site asks you to mail in an order or does not accept PayPal or credit cards, be aware, as you may become the victim of fraud.

5.  Greeting card threats: During the holiday season, the number of electronic greeting cards sent via email grows exponentially. Clicking on an e-card or video holiday card can direct you to a link, then ask you to download Adobe Flash, another type of animation or a PDF. This can install dangerous malware on your computer. No matter whether or not you know the sender - assume that suspicious links, Flash video, animation or any PDF card, document or invoice are potentially malicious and dangerous.

6.  Delivery threats (UPS and FedEx): This type of phishing threat (aka "Bredlow" or "Fake Antivirus" spam) takes the form of a friendly notice from UPS, FedEx or DHL. Typically, the email message includes a few lines such as, "We tried to deliver your package, but were unable to reach you. Please click here to reschedule your delivery." In the phishing case, once you click, malicious code gets installed on your computer and it will harvest your personal information. As with any online business transaction, never click on links that arrive unsolicited. When shopping or doing business online, instead go to the company website directly by typing the URL in your web browser instead of clicking on a link.

7.  Holiday-themed games and videos:  Consumers should be on the lookout for any "click here" messages associated with holiday games and videos, such as the Elf Bowling game. Do not open suspicious links. The links may open malware. For those asked to view videos, users may be asked to activate a plug-in and wait for a download of a java applet—essentially a fake video codec that may be cross platform malware or Java based malware.

8.  Popular Google search results: While Google and other search engines have taken precautions to eliminate URLs that contain malware, searches using popular keywords like "Christmas" can still result in the download of malware. For example, a search for "free printable Christmas stickers" may lead to links that initiate a malware attack. Make sure that your system is updated with the latest virus protection and the latest security patches.

9.  Harvest attacks after the holidays: Scammers frequently focus on November and December, the busiest shopping months, to gather email addresses of potential victims for later use in January. In fact, Trojan downloads are at an all-time high during November and December. Online shoppers should brace themselves for online fraud and phishing attempts during the second and third weeks of January—about the time December's credit cards bills arrive.