Deprecated: Function create_function() is deprecated in /home/hidefide/public_html/blog/wp-content/plugins/wr-pagebuilder/core/core.php on line 127
{"id":912,"date":"2014-12-07T18:27:10","date_gmt":"2014-12-07T18:27:10","guid":{"rendered":"https:\/\/icaruspressblog.wordpress.com\/?p=912"},"modified":"2019-04-17T10:22:26","modified_gmt":"2019-04-17T10:22:26","slug":"spam-for-the-holidays-watch-out-for-scams-and-stay-safe","status":"publish","type":"post","link":"https:\/\/hidefideas.com\/blog\/2014\/12\/07\/spam-for-the-holidays-watch-out-for-scams-and-stay-safe\/","title":{"rendered":"Spam for the Holidays: Watch Out for Scams and Stay Safe"},"content":{"rendered":"

$\"HoHoHoliday\"$ It\u2019s that time of the year again, and no matter what holiday or tradition you choose to observe (or even if you choose to observe nothing), it\u2019s not unusual to spend time with friends and family, share good food, exchange gifts, and go out of your freaking mind in the process. The retail push that bombards us from September onward \u2013 a double entendre appropriately labeled \u2018Christmas Creep\u2019 \u2013 is a minefield of spam that sheds any dignity as it comes at us in many forms. Store displays, television ads, printed fliers, and of course, endless email messages, are merely directives from retailers informing us that while we\u2019ve been good all year, they fully expect us to go deep into debt come December 25^{th<\/sup>.<\/p>\n}

Sounds like fun, doesn\u2019t it? Call it Christmas, Hanukkah, Kwanzaa, or whatever you prefer, this time of the year will test even the strongest of us, leaving nothing but a quivering mass of jelly by the time it\u2019s all over \u2013 a likely reason why so many people voluntarily pickle themselves on New Year\u2019s Eve. If that wasn\u2019t bad enough, it\u2019s made worse by the sobering realization that, like retailers, scammers are out in full force this holiday season, preying on people who are so inundated with the stress and flurry of activity that they often can\u2019t tell the difference between a legitimate email and a spam message.<\/p>\n

Spammers are opportunists. They use human weakness to their benefit, exploiting people and capitalizing on the things that make us vulnerable. We see these exploits all the time, but no time of the year is more dangerous than right now. Brian Krebs<\/a> writes, \u201cMalware purveyors and spammers are blasting these missives by the millions each day in a bid to trick people into giving up control over their computers and identities.\u201d He\u2019s talking specifically about \u2018order confirmation\u2019 emails, and while those among us who live for security can spot these things from a mile away, remember that most people aren\u2019t attuned to the tactics of scammers, and they\u2019re not naturally skeptical.<\/p>\n

The order confirmation is particularly wily, and you have to admire it for what it is. Emails are blasted out to mailing lists, well-crafted messages designed to look like the real deal. Scammers choose retailers that trick people into believing it. Walmart, Amazon, Target, Costco, and so-on. These scams work because the general public is trying to deal with the flurry of activity and stress that come with the holiday season. Krebs points out that seasonal scams are \u201ca perennial scourge of the holidays, mainly because the methods they employ are reliably successful. Crooks understand that it\u2019s easier to catch would-be victims off-guard during the holidays. This goes even for people who generally know better than to click on links and attachments in emails that spoof trusted brands and retailers, because this is a time of year when many people are intensely focused on making sure their online orders arrive before Dec. 25.\u201d<\/p>\n

Krebs says that, according to security firm Malcovery, order confirmation scams typically began around American Thanksgiving in late November. Thanksgiving is the symbolic and de facto beginning of the retail feeding frenzy that engrosses people during the holiday season. The order confirmation scams, according to Malcovery, \u201cuse both booby-trapped links and attached files in a bid to infect recipients\u2019 Windows PCs with the malware that powers the Asprox spam botnet.\u201d Asprox is a Trojan that harvests credentials from infected machines, turning the host into a zombie and committing Asprox malware attacks. \u201cThe malware also deploys a scanning module that forces hacked PCs to scan websites for vulnerabilities that can be used to hack the sites and foist malware on visitors to that site.\u201d<\/p>\n

Keep in mind that this is just one of the many exploits that scammers utilize to compromise unwitting users. But it\u2019s worth detailing because of it\u2019s particularly nasty implications. People order online, and with each passing year, more people are realizing the benefits of staying home and making purchases in front of the warm glow of the computer monitor. Black Friday, the day after Thanksgiving, has always been the biggest retail day in the United States, and while it\u2019s recently taken off in other countries as well, this year saw a drop in Black Friday sales, while Cyber Monday (the Monday after Thanksgiving) has shown marked increases<\/a>, 15.7% over last year, according to one report. More online purchases means more likelihood that spam order confirmations will reach unwitting users who are ready, willing, and able to click those malicious links.<\/p>\n","protected":false},"excerpt":{"rendered":"