Hackers Ask 'Will You Be My Valentine?'

With Valentine's Day around the corner, cyber criminals are ramping up spam, phishing, and other attacks targeting the lover's holiday.
  • Tony Bradley (PC World (US online))
  • — 10 February, 2012 07:02

There are only five days to Valentine's Day. Those of you who are shocked by that revelation are prime targets for Valentine's Day related spam and phishing attacks as hackers hope to catch you with your guard down for this day of romance.

Messages targeting Valentine's Day are expected to quadruple globally in the coming days -- in part because cyber criminals are adept at targeting holidays and current events as bait for attacks. An offer for a dozen roses for $5 might get some traction any time of the year, but with the clock quickly counting down to Valentine's Day it has much higher odds of duping frantic lovers in search of a last minute gift.

A blog post from McAfee warns, "Many consumers look for a little romance on Valentine's Day, whether it is a thoughtful gift, a romantic getaway, or a heartfelt e-card, but if you're looking for these things online, beware."

McAfee points out a number of types of Valentine's Day themed threats you should be aware of:

Phishing Scams

Attackers will send out spam promoting bargains for flowers, romantic dinners, jewelry, or other Valentine's Day gift related themes. Clicking on the offer might take you to a malicious site that could compromise a vulnerable PC, or it could take you to a site that looks legitimate, and asks for your credit card, and other personal information to "complete the order".

Malicious eCards

Any holiday that traditionally involves giving and receiving cards is a prime target for cyber criminals. Everyone loves to receive a personalized greeting card -- especially if it seems to be from someone that may be romantically interested.

Seriously, though, what are the odds that someone you don't know decided to send you an ecard for Valentine's Day out of the blue? Right.

Mr. (or Mrs.) Wrong

Another scam to watch out for are fake profiles on online dating sites. Cyber criminals create online dating profiles designed to be as attractive as possible to lure unsuspecting love seekers. The idea is to make connections, and establish trust as a means to further criminal activity.

McAfee outlines some additional threats to watch out for in its blog post. To steer clear of Valentine's Day cyber threats, follow the basic principles of online common sense. Don't open emails or file attachments, or click on links from people or sources you are not familiar with -- and even if you do know the sender, think twice about whether that person would really send you a Valentine's Day email.

Another basic rule is that if it sounds too good to be true, it probably is. Don't fall for unbelievable last minute Valentine's Day gift ideas no matter how desperate you are for a gift.

Protect your wallet, your identity, and your heart by avoiding Valentine's Day cyber scams.

Tags: antispam, malware, mcafee, phishing, security, spam, viruses

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CSO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
CSO Corporate Partners
  • FirEye
  • Clear Swift
  • Trend Micro
  • Sophos
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Deep Security - Enterprise Virtualization Security

Advanced protection for physical, virtual and cloud servers

more »

Submit your own security event

Submit your training courses

Security Awareness Tip
Clearswift tips: Guidelines for introducing and policing an effective IT Policy

1. Make it clear that the policy is not about playing ‘Big Brother’ but to ensure the security of employees, company information and data and to safeguard the company’s reputation.
2. Invest time to get buy-in from managers and their teams.
3. Convey the message of flexibility – with regard to social media, it is not about blocking staff usage but working in everyone’s interests to ensure that threats are contained.
4. Introduce a regular company-wide training programme that everyone attends at regular intervals throughout the year, not merely as part of an induction programme.
5. Within the training programme make sure that there are specific examples to demonstrate each rule or regulation, and that there is a clear explanation of the dangers of casual or careless talk on social networking sites. Again use examples, employees need to understand the consequences of raising a throwaway comment that has negative connotations for the business, as much as they need to be aware of dangers of making a more direct but ill-considered attack on a competitor, regulator or even a fellow colleague. They need to be clearly advised on any impact on the company and/or legal action or inquires that may be raised as a result.
6. Alert employees to any changes in policy through regular clear communication.
7. Reinforce the operational policy guidelines regularly, cover everything from blogging to Facebook, LinkedIn and Twitter.
8. Ensure that the rules are fair and that they apply throughout the business.
9. Enforce the rules – if there is a deliberate or malicious contravening, disciplinary action needs to be taken. A policy isn’t worth having if it is seen to be lax and unenforced.
10. Review the policy regularly to ensure you keep up to date with new systems and technology.

Phil Vasic is Regional Director, APAC, at Clearswift, the software security company www.clearswift.com
Security ABC Guides

7 Ways to Protect Your Business Printers

Can a hacker burn down your business by remotely setting one of your printers on fire? Researchers at Columbia University have recently proposed such a scenario, although HP quickly denied that it's possible. However, even if your printers can't be used as remote firestarters, there are many risks involved in networking a printer.

Read More
more »