This Christmas looks like being a bumper one for online shopping but not everyone is filled with the festive spirit and some have already set online traps they hope you will fall into. Here are twelve cyber-scams to watch out for this Christmas: The first scam of Christmas is phishing They've been around for years and we've all received a version. Fraudsters send you a message and attempt to make you click on a link to a fake site or open some malware that infects your machine. They may be old but they have evolved and some are very cleverly targeted (known as spear phishing). Imagine you are placing orders on a well-known website for gifts. Suddenly you receive an email - apparently from that very site - saying that there is a problem with your last order and can you please "click here" to attend to the problem. Logos, email addresses, even the link might look genuine but you'll get more than you bargained for if you do as the email asks. Check twice and click once. The second scam of Christmas is the fake virus checker You search for that elusive gift, and finally you're led to a site that appears to sell just what your nearest and dearest want. But wait, a message flashes up saying that your machine is infected… but don't worry just download the free virus check shown and your problem will be solved. By downloading it you will actually be infecting your machine and your problems will only just have begun. Install a good virus checker before you go online. The third scam of Christmas is the fake upgrade As the Christmas spirit gets going we all send each other links to jokes and videos, on Facebook, by email and via Twitter. Now imagine you arrive at one of these sites and it tells you that you don't have the latest Flash Player so you can't watch that funny video, but not to worry click here and you can get your upgraded player immediately. Not only will this "upgrade" be malware but that malware will go on to send messages to all your friends telling them to go see the "funny" video. The fourth scam of Christmas is the "current news scam" People will use major world events to scam you out of money, regardless of how sad the event may have been. We saw it with Typhoon Haiyan in the Philippines. Difficult to believe in a season of goodwill but before the aid agencies had reached the poor people affected there were already scam emails and associated websites asking you to donate. They look genuine but don't be fooled. The money goes nowhere but to the scammers. The fifth scam of Christmas is the illegal "cracked" download Many will be buying laptops or other computing devices for under the tree. They are expensive and there are many tempting offers to buy incredibly cheap operating systems, office products or other tasty goodies. There are even more tempting opportunities to download "free" copies of "cracked" pirated software. However, not only are you likely to find that the download is an illegal copy - and may not actually run or has an invalid key - but also that it comes with a hidden present: malware. Buy from reputable sites and remember if it's too good to be true then it probably is. The sixth scam of Christmas is the drive-by download Sadly you do not have to agree to download software from a malicious site for it to happen. There are ways in which malware can be wheedled on to your machine just by visiting a site. We all roam randomly around the internet, especially when looking for presents, so it is hard to avoid such sites. However, try to watch for a trail that leads you into totally uncharted waters. It's difficult, but think before you click. And, keep your virus checker and your browser up to date. Both increasingly afford some protection again this type of scam. The seventh scam of Christmas is the fake free wi-fi For those who do venture out you will doubtless take refuge at some point in somewhere like a coffee shop, and often it appears to have free wi-fi. Such wi-fi connections should be considered insecure, so you should not visit any site where you need to enter credentials, card details or the like. All of that might be visible to others who can monitor your insecure connection to the free wi-fi. The eighth scam of Christmas is the wi-fi probe Something few realise is that when we connect our mobile phone to a wi-fi, it keeps a record of the connection. Thereafter if the device is not connected to a hotspot, it continues to send out requests to connect to all the previous networks to which it had linked. These can be read and we are revealing all wi-fis we have previously joined. In effect, your movements can be tracked and often your home network will even reveal where you live just by the name you have given it. Don't give scammers information they might use against you in some form of con. The ninth scam of Christmas is a combination of the last two If you keep your mobile wi-fi turned on there are methods whereby, as your mobile sends out a request to connect to a hotspot, a scammer can then pretend to be that very wi-fi. Your mobile is relieved to have found a connection it knows and so attempts to create a link, potentially giving away your wi-fi password. Worse still, your mobile might think it has a secure connection and start to send other data that can be picked up by the scammer. This and the two previous scams can all be stopped by simply turning off your wi-fi on your mobile's settings when not on a hotspot you trust. The 10th scam of Christmas is the insecure website Whether intentional or not, some websites still ask you for your credit card details - and much other valuable personal data - without offering a secure connection. Know how your browser tells you that you have a secure connection - look for the padlock symbol or change of coloured address bar or whatever it is. If you don't have a secure connection don't trust that site with your details. They either can't be bothered, in which case they don't deserve your custom, or they're a fake. Even if it is a secure connection make sure you click on the padlock symbol or similar to check that the site is registered to who you think it is. The 11th scam of Christmas is the Man In The Middle (MiTM) A Man in the Middle add-on may be watching over everything you are doing There is no point in having a secure connection to your bank or shopping site if there is a piece of software sitting on your machine that can read all of the data before it is secured for transmission. A particularly common MiTM scam is for a "helper" application that has been installed to make your life easier when using your browser. This helper may be helping itself to anything you enter on the screen. The safest way to avoid this is to ensure that you have no "add-ins" running. If you know how, you can try this by manually configuring your browser but there are tools available, often from the banks free of charge, to do this for you. The 12th scam of Christmas is the nastiest of them all: the phone call It is worth being sceptical about whether the person calling you is who they say they are You're having trouble with that new laptop you bought as a present. You've just about got it running but you can't quite figure out how to finish it off. All of a sudden the phone rings and a voice says: "This Microsoft/Apple/Google/Dell/HP we see that you have managed to connect to the internet using one of our machines/software but look like you could do with some support. We're here to help you. All we need is your username and password…" These scammers work on the principle that eventually they will find someone in exactly that position and upon receiving such a call the frustrated user is very likely not to question but rather welcome the caller. All this caller is trying to do is help themselves to your login details and steal valuable data from your machine. Sadly, there are more than 12 scams to watch out for, but be particularly aware of those scams that take advantage of the time of year. Context is everything to the successful scam. If it appears relevant, useful or personal it is much more likely to succeed. |
据英国广播公司报道,圣诞节是很多人的购物盛宴,同时也是很多骗子活跃的高峰时期。如今网络骗局层出不穷,不过万变不离其宗,其中12种特别值得警惕。 ***网络钓鱼 “网络钓鱼”盛行多年。骗子给你发送信息,让你点击一个虚假网站或者打开恶意软件。 这种把戏并不新颖,但是骗子们也在“创新”,他们学会针对特定目标人群,这就是所谓的“鱼叉式网络钓鱼”。比如你在一个知名网站下订单,突然收到一封邮件,乍看是这个网站发送的,邮件称你的订单有问题,可以“点击这里”解决。 ***虚假病毒检查程序 想象一下你上网给亲友挑选礼物,突然弹出一个消息框称你的电脑受到了病毒感染,需要下载一个免费的病毒检查程序解决问题。 事实上,如果你下载了这个软件,电脑才会真正的受到感染。对此,我们应该在上网前安装好病毒检查程序。 ***虚假升级软件 我们习惯在圣诞节给亲朋友好友发送笑话和视频链接。想象一下,你登录一个社交网站,它提示你没有最新的Flash播放器,无法观看搞笑视频,“点击这里”就可以升级播放器。 而这里的“升级软件”本身就是恶意软件,它还会发送信息给你的朋友,让他们也来看这个有“埋伏”的搞笑视频。 ***慈善骗局 骗子们还会用一些大的灾难来骗你的钱。很难想象,在台风“海燕”肆虐菲律宾后,竟有诈骗邮件和相关网站骗取人们的捐款。 它们看上去很真实,但实际上这些钱只会流进骗子的口袋里。 ***非法的“破解”软件下载 笔记本电脑及其相关设备都比较昂贵,骗子们就会提议你去购买便宜的操作系统软件、office办公产品等,并称你可以下载“破解”的盗版软件的“免费”副本。 然而,不仅该软件是非法的副本,而且可能隐藏有恶意软件。 因此,我们应该从有信誉的网站购买相关产品。 ***路过式下载 令人沮丧的是,即便你不同一个恶意网站下载软件,骗子也能得逞。路过式下载(drive-by download)是一个在未经你同意或你不知情的情况下自动下载到计算机上的程序。 这种情况很难避免,因此点击前一定要三思。此外,保持病毒检查程序和浏览器的更新也是一种有效的防护措施。 ***假的免费wi-fi 这种wi-fi很可能会出现在咖啡厅等地方,这种连接是很不安全的。你输入的凭据、卡的信息等重要资料都会被骗子获悉。 ***wi-fi探测 当我们把手机连接到wi-fi,就有了连接记录。以后手机如果没有连接到新的无线热点(Hotspot),它就会继续向此前连接过的网络发送请求。 这些连接记录都是可以读取的,这就意味着可以追踪你的行动甚至是住址。 ***免费wi-fi&wi-fi探测 如果手机wi-fi是开着的,手机会向无线热点发送连接请求,这时候虚假的wi-fi就可以趁虚而入,“假装”自己就是你所要连接的那个wi-fi。 这种情况下可能会泄露你的wi-fi密码。更糟糕的是,手机以为自己在安全网络中,它会传输一些数据,而这些数据又会被骗子截获。 所以如果身处一个无法信任的无线热点,请关闭手机的wi-fi设置。 ***不安全网站 一些网站会要求你给出信用卡的详细信息和其他有价值的个人数据,却无法提供安全连接。 要确定连接是否安全,可以查看挂锁标识和地址栏颜色的改变。 如果认为连接不可靠,不要给出详细资料。即便连接是安全的,也要确保点开的网站就是你所要上的那个网站。 ***中间人 如果你的电脑里有一个软件可以在安全传输前读取所有的数据,那么银行或者购物网站的安全连接就毫无意义了。 常见的“中间人”(MiTM)骗局就会将一个“Helper”软件安装到电脑里,让你使用浏览器时更加简单。 但是这个软件可以访问你输入的任何东西,为了避免它的干扰,最好确保没有“插件”运行。 ***来电不善 想象一下,你买了一台新的笔记本电脑,刚刚让它开始运行,但是无法上网。这时一个电话打进来,告诉你他们可以提供帮助,只要你提供用户名和密码。 事实上,骗子是想获得你的登录信息,并从你的电脑中窃取有用数据。 相关阅读 (玉洁 编辑:信莲) |