Friday, 10 May 2013

Don’t Fall for Phishing and Scams this Mother’s Day

Counting the days to Mother’s Day, I’m sure you already have something in mind on what gift to give to your sweet mothers. There may probably be a few who are still undecided on what to give and opted to search online for the best mother’s day gift. There’s nothing wrong with this as this is what Google coined the Zero Moment of Truth. A word of caution though, cybercriminals will not get past this occasion without preparing some scams and phishing attacks for unsuspecting young minds. While shopping online, make sure to be on the lookout for scam e-mails and phishing websites taking advantage of your kind heart.

Most often than not, scammers will set up online stores and blast e-mails with the intent of robbing your account details and credit card information. A recent report* showed that there have been recorded attacks since last week luring online shoppers to fall prey to a bogus link attached in e-mails. These Bogus links offer cheap flowers for Mother’s Day that says "Don't Forget Mother's Day - $19.99 Flowers.” When clicked, it redirects to a site selling masculine products such as cars, televisions, and the like. Should the shopper decide to push the purchase or checkout button, his/her credit card information will be stolen.

To keep you safe during this festive season, here are a number of must-read tips from GlobalSign:

  1. Pay attention to spelling and grammatical errors on the e-mail content and the e-mail address itself. Most scams are fond of using excess consecutive identical letters (e.g. Faceboook instead of Facebook) which are easier to overlook.

  2. Look for a digital signature in the e-mail. Digital IDs such as GlobalSign’s PersonalSign, use S/MIME technology to allow users to digitally sign and encrypt e-mails. The digital signature on the e-mail proves the sender’s identity. To know if an e-mail has a digital signature, just look for the certifying red ribbon on the upper right hand of the e-mail: 

  1. Do not directly click on the attached link on the e-mail body. It is best to either hover your mouse on the link to see the original URL on the lower left side if the screen, OR copy the link location and post it on your browser.

  2. Raise your level of security awareness. Check if the website has an SSL certificate installed. Generally, websites that have SSL certificates can be accessed with URLs that begin with "https", and a "padlock" will be prominently displayed in the browser's address bar indicating that the website has been encrypted through SSL technology and its identity authenticated. If an enhanced certificate such as Extended Validation SSL (EV SSL) is installed, the browser's address bar will be prominently displayed in green in addition to the above features,, enabling users to know that the website is using the highest level of security available at a glance. 

  3. *