As the festive season approaches, Australians should be cautious of hackers looking to steal both Christmas joy and money.
Andrew Hastie MP, Assistant Minister for Defence, has warned Australians to be aware of Christmas grinches who attempt to steal money and personal information through online shopping fraud.
“We all love browsing online for a bargain and it’s a convenient way for many of us to do our Christmas shopping at this time of year, but if you are not alert you could get taken in by fraudulent deals,” Assistant Minister for Defence Hastie said.
According to the Australian Retailers Association and Roy Morgan, Australians are expected to spend more than $58 billion on pre-Christmas shopping, with internet sales accounting for a sizable share.
Australians cannot afford to be complacent, with those aged 25-45 accounting for nearly half of all online retail scam victims.
“Last financial year the Australian Cyber Security Centre (ACSC) received over 11,000 reports of online shopping cybercrime, making up about 17% of all reports to the ACSC’s ReportCyber during this period – and one cybercrime was reported every eight minutes.”
“If an online deal seems too good to be true – it probably is.”
For individuals | How to Stay Cyber-Safe This Christmas:
Be Wary of Holiday e-Cards:
The Cyber-Grinch has been known to deliver malware-infected Christmas e-cards. When you click on a link, your computer gets transformed into a Grinch-bot!
News Headlines for the Holidays or the End of the Year:
‘Tis the season to be duped by an email that appears to be from a friend or a big news outlet. You click on the too-good-to-be-true sale, and you’re infected with malware!
Fake Banking Emails:
Is your banking institution truly sending you a unique Christmas present if you click on a link and “confirm” your username, password, and account numbers this season? Hmm, don’t think so.
The Christmas Phish:
This isn’t the tasty fish that many Europeans offer at Christmas. It’s a unique “phish” created just for you. It aims to persuade you to fill up the gaps with all your private information! It can be seen in the form of a fake email from Amazon, Australia Post or others.
The Christmas Charity Scam:
No, the Cyber-Grinch isn’t raising funds for Cindy Lou this year. If you get an email from a charity you’ve never done business with (even if you’ve heard of them), don’t assume it’s legitimate. Legitimate charities will not send emails to clients who have not previously consented and subscribed to their mailing lists.
Amazon Ads:
Do you shop at Amazon? Be wary of fake emails claiming to be from Amazon informing you that your item has been delayed due to incorrect delivery information. These hackers want you to click on the link and submit your personal contact information and credit card details.
Free Wi-Fi:
After a long day of shopping, all you want to do is relax for five minutes, drink a cup of coffee, and surf the web. And then you notice a business with free Wi-Fi. What you don’t realise is that the security on this “free Wi-Fi” is non-existent, and the Cyber-Grinch is lurking around, waiting to steal your information.
For businesses | Act within your organisation:
- Utilise and enforce multi-factor authentication for remote access and administrative accounts.
- Make secure passwords a must, and ensure they are not repeated across several accounts.
- Determine which IT security personnel are available on weekends and holidays in the case of an incident or ransomware attack.
- If you utilise remote desktop protocol or any other potentially dangerous service, be sure it is secure and well-monitored.
- Remind staff not to click on questionable links and hold awareness drills to reduce the risk of human error. A single session of anti-phishing training, according to Lookout, resulted in 50% fewer clicks on phishing URLs over the next 12 months.