Cybersecurity

Feds warn shoppers of holiday cyber scams

The government is warning shoppers of cyber scams ahead of the Thanksgiving weekend and start of the holiday shopping season.

The month between Thanksgiving and Christmas represents “the biggest weeks for online spammers and scammers,” as 80 percent of annual online sales occur during that period, said Andy Ozment, assistant secretary of cybersecurity for the Department of Homeland Security, in a blog post Wednesday.

{mosads}Much of the shopping — and scams — go down this weekend.

The National Retail Federation expects 141 million people to make online or in-person purchases between Friday — known as Black Friday — and Sunday.

And on Monday, a day of deep Internet discounts dubbed Cyber Monday, half of adults are expected to shop online.

“The best gift you can give yourself and your family is the gift of online security,” Ozment said.

Never make a purchase over public Wi-Fi networks, like the ones you find at many coffee shops, Ozment cautioned.

“Your information can easily be accessed by hackers on a public network,” he said.

When making any payment, “look for the lock,” Ozment added. Websites using “HTTPS” encryption will feature a small image of a lock to the left of their URL.

HTTPS uses open-source encryption software to prevent outside snooping and common cyber attacks.

Many major Internet companies, such as Facebook and Google, have made HTTPS the default for all of their traffic.

But most websites, including major retail sites such as Amazon and Macy’s, do not secure most of their web traffic with HTTPS. They do, however, encrypt checkout pages when credit card information is required.

The URLs of retail sites can contain other clues of a pending scam, Ozment said.

Check out the end of the web address. A “.com” is normal for online retailers. Many scammers trick shoppers with imitation sites that are registered with different tags, such as “.net,” Ozment warned.

Security firm Proofpoint noted this week it was already seeing an increase in scams ahead of Cyber Monday.

For instance, a fake “Amazon Gift Card” Facebook page, takes customers to a URL where they are asked to download a file to redeem their gift card. Instead, the computer gets infected, compromising its information.

“Cyber Monday is another opportunity for scammers and malware authors to capitalize on popular interest and social media to spread their malicious software and fleece credulous consumers,” said the California-based company. “We will see more of the same for Cyber Monday.”