
Christmas Malware 2017: Types of Scams to Keep Away From

Black Friday is a reminder that the winter holidays are near. Christmas means presents, and presents mean shopping, which for various reasons often happens online. Unfortunately, the ever-increasing number of people shopping online means more scams specifically designed to target people’s credit card numbers and personal information. So, users should be on the lookout for scams, especially on shopping spree days such as Black Friday and Cyber Monday.


Phishing remains one of the most common attack vectors. Scammers typically pose as e-commerce and consumer brands and flood users with fake offers and gift cards. To circumvent the security measures that the targeted brand has employed, they use URL shorteners and redirection chains. As a result, thousands of potential and active online users are flooded with spammy messages.

Familiar brands such as Amazon are often leveraged in such scams.

In one relatively recent example, crooks targeted Amazon buyers by either setting up independent seller accounts or hijacking reputable existing ones. Once this was done, the scammers offered expensive items at unbeatable prices.


Another Amazon scam that has been circulating around the web is referred to as the ‘Amazon Offers 50% Off Coupon’ scam.

The scam has adopted a distribution method that has proven to be very effective – via forwarded emails and social media posts. Of course, as with many other ‘seasonal’ scams, the victim is first asked to complete a survey. Thus, experts are calling these types of scams survey scams.

A typical action required by the user is interacting with the ‘share’ button on social media such as Facebook, or leaving a comment. Such scams usually employ fake profiles that have written fake comments claiming that the offer/survey is real and that they have received their award. Never fall for such claims, as you will compromise both your identity and your computer.


Gmail has also been targeted by phishers. In January, security researchers at Wordfence detected a highly effective and widespread phishing technique that steals login credentials for Gmail and other services. It’s a typical phishing scam in which the attacker sends an email to a Gmail account. The email may appear to come from someone the target knows, because that person’s account has been hacked. The email may include an image attachment. When the user clicks the image to preview it, a new tab opens and prompts the user to sign in to Gmail again. The location bar shows the following address: accounts.google.com, so even the experienced eye may be misled.


New versions of the well-known “RayBan virus” distributed on Facebook keep being detected. The virus is related to a scam that aims to take control of victims’ Facebook accounts in order to send images of discounted RayBan sunglasses. If your Facebook profile shares such photos, keep in mind that your account may have been compromised by this nagging pest.


Domain squatting and malware distribution are also on the rise during the holiday season

Zscaler researchers recently noticed various examples of attackers domain squatting “.blackfriday” TLDs.

“Domain squatting” is the act of buying up domain names that are visually similar to the names of legitimate websites or companies, typically with the intent of defrauding users or convincing them that the content on the domain can be trusted. The multitude of new top-level domains (TLDs) that ICANN has made available has given criminals many opportunities to grab up domains that are identical or similar to real company websites, but with a different TLD suffix.

As explained by the researchers, most relevant this season is the “.blackfriday” TLD which is meant specifically for pages dealing with Black Friday sales, and is typically deployed by various corporations to link to sales on their online stores or to Black Friday marketing content.

What happens is that fraudsters are leveraging this fact by registering domains such as google[.]blackfriday to distribute phishing pages and malware. The type of malware usually spread by this malicious behavior is information stealers in the form of Trojans. Stolen user credentials may later be used in a range of malicious scenarios.
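One way a defender could check hostnames from proxy or DNS logs for this pattern, shown as an added example that is not from the original article or from the Zscaler research. The brand list, the owned domains, the similarity threshold and the sample hostnames are all assumptions made up for illustration; the check generalizes slightly beyond the “.blackfriday” case to any unowned suffix and to lookalike spellings.

```python
from difflib import SequenceMatcher

# Assumption: brands to protect and the domains each one really owns.
LEGIT = {
    "google": {"google.com"},
    "amazon": {"amazon.com", "amazon.co.uk"},
}
# Digit-for-letter swaps often seen in lookalike labels.
SWAPS = str.maketrans("0135", "oles")

def normalize(host):
    """Lowercase, refang 'google[.]blackfriday' notation, drop a trailing dot."""
    return host.strip().lower().replace("[.]", ".").rstrip(".")

def owned(host, domains):
    """True if host is one of the listed domains or a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in domains)

def classify(host, threshold=0.84):
    """Return (brand, kind) for a suspicious hostname, else None."""
    host = normalize(host)
    if any(owned(host, d) for d in LEGIT.values()):
        return None
    # Everything left of the final dot, split into tokens on dots and hyphens.
    name, _, _tld = host.rpartition(".")
    tokens = name.replace("-", ".").split(".")
    for brand in LEGIT:
        for tok in tokens:
            if tok == brand:
                return (brand, "brand-on-unowned-domain")
            plain = tok.translate(SWAPS)
            if plain == brand or SequenceMatcher(None, plain, brand).ratio() >= threshold:
                return (brand, "lookalike")
    return None

def scan(hosts):
    """Map each flagged hostname (normalized) to its finding."""
    findings = {}
    for h in hosts:
        hit = classify(h)
        if hit:
            findings[normalize(h)] = hit
    return findings

# Constructed sample of hostnames, e.g. taken from proxy or DNS logs.
SAMPLE_HOSTS = [
    "mail.google.com", "google[.]blackfriday", "amaz0n-deals.blackfriday",
    "www.amazon.co.uk", "gooogle.blackfriday", "example.org",
]

if __name__ == "__main__":
    for host, (brand, kind) in scan(SAMPLE_HOSTS).items():
        print(f"{host}: {kind} ({brand})")
```

Short brand names produce more false positives with fuzzy matching, so the threshold should be tuned against real traffic before alerting on it.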

Prevention against Seasonal Scams and Phishing

As security researchers point out each year, users are specifically targeted during the winter holiday season by malicious campaigns and various types of fraudulent online activities. These scams usually lure users into clicking on web links and opening email attachments, which are typically loaded with malware.

To increase the success of their campaigns, attackers leverage topics that are popular during the Christmas holidays and are all about delivery of gift cards, shipping notifications, offers and discounts, etc.

To minimize the risk of such scams, all users, especially the active online shoppers, should consider implementing a powerful anti-malware solution on their systems. The tips listed below also serve as great precautionary methods against scams and malware:

  • Make sure to use additional firewall protection. Downloading a second firewall is an excellent solution for any potential intrusions.
  • Make sure that your programs have less administrative power over what they read and write on your computer. Make them prompt you for admin access before starting.
  • Use stronger passwords. Stronger passwords (preferably ones that are not words) are harder to crack by several methods, including brute forcing, which relies on password lists of relevant words.
  • Turn off AutoPlay. This protects your computer from malicious executable files on USB sticks or other external memory carriers that run as soon as they are inserted.
  • Disable File Sharing. If you do need file sharing on your computer, password-protect it so that, if you are infected, the threat is restricted to yourself.
  • Switch off any remote services. Leaving them on can be devastating for business networks, since it can cause a lot of damage on a massive scale.
  • If you see a service or a process that is external, not critical to Windows, and being exploited by hackers (such as Flash Player), disable it until there is an update that fixes the exploit.
  • Make sure to download and install the critical security patches for your software and OS.
  • Configure your mail server to block and delete emails containing suspicious file attachments.
  • If you have a compromised computer in your network, make sure to isolate it immediately by powering it off and disconnecting it by hand from the network.
  • Turn off Infrared ports or Bluetooth – hackers love to use them to exploit devices. In case you use Bluetooth, make sure that you monitor all of the unauthorized devices that prompt you to pair with them and decline and investigate any suspicious ones.
  • Employ a powerful anti-malware solution to protect yourself from any future threats automatically.



Milena Dimitrova
