12 scams of Christmas the cyber criminal might send to you

One charity phishing: taking advantage of charities’ pushes for extra donations over the holiday period: hackers send emails that appear to be from charitable organisations, such as the Red Cross, the Salvation Army, and Oxfam that direct consumers to fake web sites designed to steal their money. The advice: go direct to their web site: don’t click on a link. Two email banking scams: the bad guys send an official-looking email that asks consumers to confirm account information, including user name and password. They may try to fool viewers into thinking that if they don’t comply, their account will become invalid. Never give your account details. Three holiday e-cards: few realise the dangers of e-cards – but unfortunately, there are plenty, such as clicking the link taking you direct to a malicious web site that tries to download Trojan software. Check for errors in the message, unknown senders or senders with bogus names and odd-looking URLs. And if in doubt, don’t. Four fake invoices: fraudsters will attempt to get your personal financial details through fake invoices using a variety of messages, such as couldn’t deliver the parcel. You’re asked if you wish to cancel the order – and confirm your card details to do so. As usual: never give card details to unexpected emails of this type. Also, ensure that your Internet security software is up to date to help spot Trojans and other forms of malware if you have opened a bad attachment. Five new friends: particularly with popular social networking sites, users are open to ‘new friend’ alerts that, yet again, lead to downloading malicious software that you can’t even detect. Stay away from friends you don’t recognise. Six Christmas-related search terms: ‘free Santa download’, ‘free Christmas screensaver’ etc is increasingly the trigger for clicking on adware, potentially unwanted downloads, or much worse, spyware. Make sure your searches are guided by McAfee SiteAdvisor software, says the firm. Seven coffee shop cyber criminals: while most people apparently like gingerbread lattes while surfing the Net at their local coffee shop, most are not aware of the dangers of unsecured wireless networks. Packet sniffers can see which web sites users are visiting, the passwords they are using, and what bank accounts they are accessing. Eight password stealers: 53% of consumers use the same password for multiple web sites or online services despite the existence of free or low-cost tools that make it easy for criminals to use that information. McAfee Avert Labs says attackers go after passwords for banks and e-commerce sites, online role playing games, IM and social networking sites. Nine auction site frauds: increased activity over the holiday season makes it essential to read the security and safety policies from auction sites, such as eBay, to ensure that you protect your account and buy safely. And that includes carefully reviewing the sellers’ ratings and feedback, and paying using a safe payment method such as PayPal. Ten holiday themed email attachments: Christmas-inspired subject lines tend to get users rising to the bait, so beware of emails that prey upon your holiday spirit, inviting you to look at homes bedecked with lights or PowerPoint presentations with holiday-related subjects. Last year, an email made the rounds with a PPT entitled ‘Christmas Blessings’ that contained malicious software. Eleven online identity thefts: sites that store your personal information can be vulnerable to cybercriminals who hack in and steal your identity. McAfee advises looking out for the McAfee Secure trust mark, which appears on more than 80,000 sites that pass daily testing for more than 10,000 known hacker vulnerabilities. Twelve laptop thefts: never leave your laptop in sight in your car – and invest in products that safeguard important files – photos, music and bank/credit card materials.