Monday, November 14, 2011

McAfee Warns Consumers of the Twelve Scams of Christmas

Just in time for the holiday season Gary Davis at McAfee has put up a blog post that Warns Consumers of the Twelve Scams of Christmas.

Now most of these are not Telecom Related there are a few I would like to point out 3 of them as being Telecom Fraud related:

1. Mobile Malware:
Malware is not new, it has been around in the PC world for a long time, but now that there are enough smartphones around to make it worthwhile financially to attack them.

That said, be aware that Gary mentions that a new cell phone specific attack has started:
New malware has recently been found that targets QR codes, a digital barcode that consumers might scan with their smartphone to find good deals on Black Friday and Cyber Monday, or just to learn about products they want to buy.

2. Malicious Mobile Applications:
I have written about this before when Symantec broke the story about the phony Netflix Android apps.  Just to show this is not a problem for Android alone, recently there was a story about someone who created InstaStock, a Stock Ticker app, for the iPhone that was designed to  
A researcher with the security firm Accuvant, Miller had rigged the app to connect to a server in his St. Louis home and to receive commands to perform a number of devious tasks, including reading an iPhone's files, making a phone vibrate and remotely downloading the pictures and contacts stored on the device of a person running the app.
7. Holiday Phishing Scams
Again Phishing is not new, and I have written about it in the past, but Gary has pointed out 3 specific ones related to the holidays you should watch out for:
A common holiday phishing scam is a phony notice from UPS, saying you have a package and need to fill out an attached form to get it delivered. The form may ask for personal or financial details that will go straight into the hands of the cyberscammer.
Banking phishing scams continue to be popular and the holiday season means consumers will be spending more money—and checking bank balances more often. From July to September of this year, McAfee Labs identified approximately 2,700 phishing URLs per day.
Smishing –SMS phishing—(in the US it is Text Phishing) remains a concern. Scammers send their fake messages via a text alert to a phone, notifying an unsuspecting consumer that his bank account has been compromised. The cybercriminals then direct the consumer to call a phone number to get it re-activated—and collects the user’s personal information including Social Security number, address, and account details.

Again none of these are new, and there have been email variants of them all. All 2 have the intention of tricking you out of information that can be used to access your bank account, but the SMS one has an additional cost in that it asks you to call a phone number which in and of itself can cost you significant money.

The phone number that they have you call can be a premium or other high cost number that can charge you at least $1 per minute. So pay attention to the number to make sure it is not one you want to avoid (examples are 809, 900, etc.).

I recommend you read his article if only for the refresher of all the hazards out there at the holiday season and how to protect yourself from the ones I have not mentioned.