Chris Brook

About

"Distrust and caution are the parents of security" - Benjamin Franklin

6) (Anti) social networking

Social networks like
Facebook and Twitter are fabulous platforms for sharing information and
news. Retailers of all stripes have tapped into this and are using them to get the word out – virally – about discounts, sales and
in-store events. Unfortunately, mechanisms for vetting online reputation
haven’t quite kept up with the marketplace, which can make social networks an ideal platform for
social engineering attacks.

5) Duh. Patch.

Much
as we like to blame cybercriminals or unscrupulous merchants, much of the
responsibility for security is in our hands. In particular: we’re
responsible for the security of our computers and mobile devices. That’s
especially true when we’re planning to use those systems to go shopping online,
banking online or to transact other sensitive personal or financial business. Still,
consumers and even businesses are often slow to apply patches for core Windows
components, browsers and tools like Java, Adobe Acrobat Reader and Flash.

4) “S” stands for Safe(r)

Browsing a Web site
for offers is one thing. Actually buying merchandise is another matter entirely. Online transactions should be carried out securely, using encryption to scramble
the sensitive financial data you’re sending to the merchant’s Web site and that they’re sending to you. Before
entering your credit card information or clicking on “Send,” check to
make sure the e-commerce site you’re using has employed encryption, with a URL
that begins with “https://” indicating that SSL (Secure Sockets
Layer) encryption is being used.


Cyber criminals know that Web browsers are like mothers: everybody’s got one. They also know that if you’re shopping online, you’re using your Web browser to do it. That’s why
Web based attacks are one of the most popular kind avenue of compromise and
online. The good news is that most modern Web browsers already come equipped
with security features that can block most malicious content. The bad news? Lots of folks out there are running the browser
equivalent of a 1976 Chevy Nova.

Cyber criminals
realized long ago that people trust search engines like Google, Yahoo and Bing even after those sites and their results lists have been shown to be easy targets for scams. Attacks
that use search engine optimized (SEO) Web sites to spread malware are a growing
problem.

Cyber Monday is billed as the biggest online shopping day of
the year, with deep discounts from online merchants. But the truth is
that your online shopping isn’t anywhere near done now that its passed, any more than your in store shopping is done now that the 3:00 AM Black Friday door buster stampede has rumbled by. Of course,
cyber criminals and scam artists know this.

An issue with Google Apps over the weekend sent the company scrambling
to fix a hole in its Script API. The problem allowed a specific domain to
harvest the e-mail addresses of anyone who visited the site while logged into
their Google account, according to a report on InfoSecurity.