Fortinet’s Online Shopping Tips for a Safe Cyber-Holiday Season

MALAYSIA, 5 December 2011 - Only 26 days left until the end of the year and despite the current economic environment, no question to avoid the festive gifts! Malaysian consumers will again go through their shopping list and are expected to shop massively online since the Web is seen as a way of buying cheap. This year, 2 out of 3 Web users in Malaysia will purchase their festive holiday gifts on the Internet*. So, now is a good time to remind a few basic online shopping safety tips that could prevent your computer from becoming infected and/or your banking details from being stolen.

1. Beware of scams and unsolicited offers: The festive year-end holiday shopping season is undoubtedly the best time to be tempted by spam emails offering fantastic deals such as: “Great Deal on iPads… 50% off!”. Be careful! The advertised website could be malicious, and download malware to your computer. Or it could be a mere scam, meaning you would never receive what you ordered! Follow the old saying: if an offer is too good to be true, it probably isn't. Especially if you didn't solicit it in the first place...

2. Do not trust the search engine results: Search Engine Optimization (SEO) attacks are a way for cybercriminals to game a search engine’s ranking algorithm in order to push websites to the top of keyword search lists. Take note that terms such as “Holiday Sale,” “Christmas bargains,” “Chinese New Year” or “Year End Specials” found on search engines could immediately compromised your computer if you click on the links.

So, exercise caution before rushing to a website returned by a search engine upon feeding it with typical X-mas key words – it could be malicious. If in doubt, prefer well-known, trusted online shops.

3. Emails can turn your best friends into your worst enemies: If you receive an email from one of your friends saying “Hey, check out the holiday sale going on here!” or “This place has a 50% off Christmas sale!” Be careful! Her/his computer is perhaps unknowingly infected by malware programmed to comb through email address books and send malicious links to everyone in them. By clicking on the link you could be taken to a malicious Website that phishes or installs malware on your system, such as Trojans, bots, keyloggers and rootkits, which are designed to harm systems and steal your personal information.

Here again, use some common sense. Does your friend normally update you on when sales and/or bargains abound? If not, delete the email and inform your friend that her/his computer might be compromised.

4. Beware of Wi-Fi hotspots: If you decide to take advantage of some free time at the airport, in a coffee shop or in your hotel to surf for online shopping via your smartphone or tablet, beware of connecting to an unknown hotspot! Such hotspot is unsecure and allows hackers to capture any and all data that’s flowing to and from the hotspot, enabling them to steal personal and confidential information (logins, passwords, email messages, attached documents) stored on your mobile device.

So, prefer locations that offer secure wired or Wi-Fi connections. Also, before entering your credit card details on websites, check that the URL for the page begins with "https://" and not "http://." That "s" indicates that your connection is encrypted end-to-end, and cannot be eavesdropped on.

* Annual survey conducted in October 2011 by the Fevad and Médiamétrie// NetRatings on Internet purchasing intentions for Festive 2011 holidays.