12 Scams of the Holidays

The holidays are one of the busiest times of year for online scammers. Not only do millions of consumers go online to shop, but many also let their guard down as they get caught up in the festive mood. Keep cybercriminals from taking the joy out of your holidays this year by familiarizing yourself with the top scams and how to avoid them.

1. Charity phishing scams
   Knowing that consumers like to give this at time of year, hackers send out fake emails requesting donations that appear to be from legitimate charitable organizations. However, these emails usually link to phony websites that take your money without passing it along to a good cause.
2. Holiday e-card scams
   More and more people are sending holiday e-cards instead of regular cards because they are convenient and “environmentally green.” Cybercriminals will send you an e-card, asking you to download an attachment to pick up your card. However, the attachment isn't really an e-card—it's malicious software ready that installs on your computer without your knowledge and wreaks havoc.
   
3. Email banking scams.
   Scammers are aware that during the holidays more people shop online and want to make sure their transactions are approved. Some bad guys send an official-looking email that asks you to confirm account information, including your username and password—often with ominous warnings that your account will become invalid if you don’t comply. Never respond to email requests for your personal or financial data.
4. Fake invoice scams
   During the holiday season, you may shop online, over the phone, or through catalogs. This is no secret to stealthy scrooges who try to trick you into giving away personal financial details through fraudulent invoices. These criminals send you an email with a fake invoice or delivery notification that appears to be from FedEx, UPS, or the U.S. Customs Service. The email asks you for your credit card details so that your account can be credited or requires you to open an invoice or customs form to receive the package. When you comply, your information is stolen or malware is unleashed on your machine.
5. “New friend request” scam
   With the holidays approaching, many people like to rekindle old friendships on popular social networking sites and are excited about receiving a message informing them that they have a “new friend request!” Unfortunately, scammers like to take advantage of users’ excitement and send out phony friend requests that appear to be from a social networking site but actually link to malware such as viruses, Trojans, and even keylogging software that can record your keystrokes, including passwords that you type in.
6. Dangerous holiday-related search term scams
   We often search the web for ways to spread holiday cheer, like downloading a Santa screensaver or holiday ringtone. However, you could be downloading a whole lot more than you bargained for, such as malware or spyware.
7. Job-related email scams
   Scammers know it’s nice to have a little extra cash around the holidays, so they send emails to entice job hunters with promises of high-paying jobs and work-from-home moneymaking opportunities. Once you submit your information to them, the scammers are off and running with your information—and your money.
8. Password-stealing scams
   Having your password stolen is a sure way to spoil your holidays. Thieves use low-cost tools to guess your password or deliver malware that records computer keystrokes (keylogging) as you input your password. And, according to the experts, virtual on-screen keyboards do not protect from keylogging.
   
   Once criminals have your password, they can access your bank, credit card, or other online accounts to take money from you. They can also use your accounts to spam your friends and networks.
9. Fraud via auction sites
   Hackers know that visits to auction sites increase over the holidays, so they often lurk on these sites, hoping to con you out of your hard-earned cash. If an item looks too good to be true, it probably is. Be sure to review the seller’s ratings and feedback. Also, pay with your credit card, since credit card companies usually reimburse you if there is a fraudulent charge.
10. Holiday-themed email attachments and spam
    This time of year, we are more apt to open emails that invite us to look at attachments containing holiday-themed pictures or messages. Scammers understand this and will try to lure you into opening these attachments or to click on links that download malware.
11. Online identity theft
    With so many people shopping online during the holidays, cybercriminals come out in force by setting up fake websites designed to steal your information and, ultimately, your identity. Be careful about sites that store your online information, and make sure you don’t shop from a public computer since other users may be able to access your stored usernames and passwords. To assess your risk of identity theft, take our Identity Theft Risk Assessment.
    
    One rule of thumb is to shop only from websites that use encryption, or scrambling, to protect your information. Make sure the website address begins with “https:” instead of “http:”. This indicates that encryption is being used. To read more tips for staying safe while shopping online, please visit here.
12. Ransomware scams
    We’re used to seeing more online scams around the holidays, so this latest trick takes advantage of our desire to keep our systems virus free. “Ransomware” is a Trojan that acts as though it is running a virus scan on your machine. It tells you that viruses have been detected and that you must pay for phony security software to clean your machine. Meanwhile, you are locked out of your system and you cannot open or access any applications until the payment is made.

How to Arm Yourself Against Holiday Scams, or Any Scams, Any Time of the Year:

1. Use common sense—If it sounds too good to be true, it probably is. If you’re ever in doubt about something being legitimate, don’t click on it.
2. Educate yourself—Keep up-to-date about the latest scams and tricks cybercriminals use to grab your information so you can avoid potential attacks.
3. Use a comprehensive computer security—You need complete protection that includes anti-virus, anti-spyware, anti-spam, and a firewall and make sure it is up to date. Software like McAfee® Total Protection can help protect you from malware, phishing, spyware, and other common and emerging threats.
4. Practice safe surfing—Use a safe search plug-in like McAfee SiteAdvisor® software to warn you of a website’s safety rating before you access it. SiteAdvisor uses intuitive red, yellow, and green checkmarks to rate websites when you search for them.
5. Practice safe shopping—Don’t divulge unnecessary information on e-tailer sites. Make sure you check for trustmarks, like the McAfee SECURE™ mark, which indicate that the site has been verified as safe by a trusted third party; look for a lock symbol; check the web address for “https”; and use a credit card for payment.
6. Create strong passwords—Use complex passwords consisting of a combination of letters, numbers and symbols, and vary them between accounts—and never share your password with anyone.
   
7. Click with caution—When you’re checking your email or chatting over instant messenger (IM), be careful not to click on any links in messages from people you don’t know.
   
8. Be suspicious—Even if you consider yourself cyber savvy, you still need to keep your guard up for any new tricks and be proactive about your safety.

To learn more about how to stay safe online, visit the McAfee Security Advice Center at www.mcafee.com/advice.

Read more...

McAfee, Inc. First to Deliver Network Security IPS Solution with Integrated Zero-Day Malware Protection

Full Spectrum Network Defense Solution Offers Behavior Analysis and Global Threat Intelligence

SANTA CLARA, Calif., December 08, 2009 - McAfee, Inc. (NYSE: MFE) today announced the McAfee Full Spectrum Network Defense solution, which delivers on McAfee’s commitment to be the world’s leading network security vendor. This announcement features major enhancements to the McAfee® Network Security Platform, including day-zero malware detection, network threat behavior analysis, and application-level security. The solution includes Network IPS, User Behavior Analysis, Network Threat Behavior Analysis, Network Access Control, and McAfee Firewall Enterprise.

"Organizations typically lack the ability to see the full spectrum of network threats,” said Charles Kolodgy, research director at IDC. “They need deeper insight into the whole set of threats in order to provide full protection for critical business systems such as data centers. Integrating threat detection provides full visibility when inspection isn't enough or when it isn't feasible for cost or scalability reasons. In an incredibly dynamic threat environment, the ability to detect malware in real-time can provide tangible benefits.”

Today’s announcement reinforces McAfee’s innovative approach to solving the toughest challenges in network security. Full Spectrum Network Defense is the first solution to integrate a network intrusion prevention system with behavioral analysis tools to provide additional visibility across the network, real-time threat protection technology, and enterprise risk assessment tools.

“Customers have come to rely on McAfee for the best network protection available, and our commitment to them is to continue to innovate and break the molds of traditional Network IPS and firewall capabilities,” said Dan Ryan, executive vice president and general manager of the Network Security business unit at McAfee. “With Full Spectrum Network Defense, we are reinforcing that commitment by integrating best-in-class security technologies into our network defense products. We will continue to deliver on customer demand by providing powerful new tools that extend visibility into the vast unprotected areas of the network.”

Industry-Leading Advancements in Network Security

Full Spectrum Network Defense identifies traffic, users, content and applications, and defends against any threats that may exist across the network. The solution is powered by McAfee® NetPrism technology, McAfee’s patented protocol analysis approach to network threat protection, and features enhanced interlock between network security, endpoint security, and global threat intelligence, to deliver the world’s most advanced threat protection. New features being announced in the Full Spectrum Network Defense Solution include the following benefits:

Real-time malware protection - McAfee is the first and only vendor to offer day-zero malware protection, enabled by McAfee® Artemis technology, which is tightly integrated with IPS. Supported by threat sensors distributed around the globe and McAfee’s proprietary threat analysis, IPS is able to provide ‘pre-protection’ against zero day malware, in addition to our leading vulnerability-based network protections.

Network Threat Behavior Analysis – McAfee is releasing a new set of threat analysis appliances, which provide a comprehensive way to inspect the entire network for threats and correlate network behaviours. Additionally, McAfee is the only vendor to provide Layer-7 flow export. This, when coupled with network flow data, empowers security analysts to ‘turn on the lights’ across the network with visibility into users, data, and applications.

Integration with McAfee Risk Advisor – McAfee’s unique decision support tool empowers administrators to immediately identify which systems are vulnerable to an attack that is underway. By analyzing the vulnerability state of endpoints and the countermeasures currently deployed, this new feature will enable IPS administrators to rapidly deploy a signature to ensure protection of devices pre-patch.

Network Security Management - The single Network-centric console manages all aspects of the solution, including real-time threat analysis and integration of global threat intelligence feeds. McAfee IPS and behavior analysis solutions are the only solutions that offer native integration with McAfee® ePolicy Orchestrator™ security management console.

Availability

McAfee Network Security Platform M-series appliances are available today, with Version 6.1 software available in December. Pricing for the Network Security Platform M-series starts at $10,995 US. Network Security Platform T-series is generally available in Q1 of 2010, with pricing starting at $26,995. Exact pricing depends on customer requirements, selected model and associated add-on modules.

About McAfee, Inc.

McAfee, Inc., headquartered in Santa Clara, California, is the world's largest dedicated security technology company. McAfee is committed to relentlessly tackling the world's toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. http://www.mcafee.com

NOTE: McAfee, Artemis, NetPrism, and ePolicy Orchestrator are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied.

source:http://newsroom.mcafee.com/article_display.cfm?article_id=3603

Read more...