With its versatility and wide-ranging options, more and more South Africans are using the Internet to shop for Christmas gifts – but they could be at an increased risk of losing money to cyber-crooks.
Online shopping symptomatic of a global trend, with IT consultancy Forrester forecasting the worldwide growth of online transactions to be 12,2% for 2009.
But, as its popularity increases, online shopping has become fraught with danger as cyber-criminals seek to exploit this new opportunity to make money.
According to CyberSource, fraudulent online transactions are growing at a rate of 20% per year, and in 2007 cyber-crooks benefited from these operations to the tune of $3,6-billion dollars.
"Among the most dangerous threats to users over the Christmas period are banker Trojans," says Jeremy Matthews, head of Panda Security's sub-Saharan operations. "These malicious codes are designed to steal confidential data such as banking passwords and account numbers and make this information available to criminals who can then steal money directly from users. This type of malware accounted for 20 % of all new malware that appeared during 2008."
Matthews cites phishing as being another type of fraud that users must be on the lookout for. These attacks use e-mails that appear to come from financial institutions and other reputable organisations but really redirect users to spoof webpages where they are prompted to enter their bank details. Fake online stores, which are also normally designed to steal users' bank details, represent another common threat. They often offer products at incredibly low prices to attract potential victims.
"During the festive season, users should also be on the lookout for spoof greetings cards created to distribute malware as well as infected P2P downloads and fake online auction offers," says Matthews.
To help prevent users fall victim to online fraud, Panda Security has drawn up a list of practical tips to bear in mind when shopping online:
* Keep your computer free from threats – Before carrying out an online payment, make sure your computer is not infected by viruses and Trojans, which could steal your credit card details or passwords. Make sure you have an antivirus installed that can detect all types of threats, and keep it up to date.
* Only visit secure web sites – If you are going to make an online payment, make sure the Web page is secure. Check that the address in the browser's address bar starts with "https". Also, a small closed padlock icon must be displayed in the status bar of the browser.
* Investigate – Before buying something from an online store, make sure the company is reliable. Do what you would do in real life: get the opinion of other customers. On the Internet, this is as simple as typing the name of the store in a search engine and checking the opinion of other buyers. If it is bad, don't buy there.
* Get a second opinion – Even if you have an antivirus, make sure your computer is genuinely clean by getting a second opinion. You could visit Infected or Not (www.infectedornot.com and run a free scan of your computer with Panda ActiveScan 2.0, capable of detecting even threats that have evaded detection from traditional antiviruses.
* Trust your instinct – Beware of bargains. If something looks too good to be true, it probably is too good to be true. Follow your instinct and if something looks like a fraud, don't buy it. Better to miss out on a "bargain" than to lose your money.