News & Features


Shopping Online for Your Valentine Can Lead to Cybercrime: How to Protect Your Identity from Heartless Hackers

It’s that time of year when Cupid’s arrows send millions of love struck consumers online to buy something special for their Valentine. But these days, there’s a good chance that cute little cherub infecting us with the love bug could be a cybercriminal in disguise.

Hackers Exploit Your Habits and Your Heart to Get to Your Wallet

Valentine’s Day is one of the biggest gift-giving holidays of the year. And hackers know the quickest way to your wallet is through your heart. So they use social engineering techniques to manipulate your emotions, getting you to reveal your personal financial information or log in credentials. The January Symantec Intelligence Report found that spammers and malware authors use holidays and major events to make their messages more appealing. That increases the likelihood that consumers will visit spam websites or become infected. That’s why the percentage of spam emails with the word “Valentine” in the header rose dramatically between January 20th and February 7th of last year, according to the Internet security provider McAfee.

Habitual Activity Online and Cybercrime Go Hand in Hand

Not surprisingly, the prime targets of phishing scams are consumers who live a good part of their lives online, according to a 2011 study called “Why Do People Get Phished?” published in the journal Decision Support Systems and Electronic Commerce. The study was conducted by communication researchers at four major universities. Its findings: If you get a lot of email, habitually respond to a good portion of it, have a lot of relationships and do a large number of transactions online, you’re more vulnerable to email phishing exploits than those who limit their online activity. Does that sound like you?

Watch Out for Valentine’s Emails from “Friends” You Don’t Know

Imagine you’re online at home or at a Wifi hotspot. You get an email advertising “Valentine’s Day Sweets” or “Valentine Gifts” at an incredibly low price. Or maybe you get an email from a close friend, a family member or an associate who’s sent you a Valentine – one that can only be opened by clicking on a link. Even if it seems like someone you know sent it, you should be careful. Your friend’s computer and email could be compromised. In 2010, a Russian hacker stole the IDs of 1.5 million Facebook users and offered to sell them at a bargain basement price, according to VeriSign’s iDefense Labs. Some of them could be used to send you email, supposedly from someone you know.

A Rogue by Any Other Name Still Smells the Same

You should also be on the lookout for rogue social media apps with “Valentine’s Day” in the title. Last year, Facebook users were conned into clicking on links they thought had come from friends who’d posted messages on their walls, according to the Internet security firm Sophos. Among other things, the link claimed to reveal their Valentine would be in 2011. But the result wasn’t finding their soul mate. When the link was opened, the user was taken to a phony splash page asking for permission to access personal information and post status messages. Once the app was on a user’s wall, his friends were vulnerable, unwittingly spreading the surreptitious survey scam at light speed.

Looking for Love in All the Wrong Places

Then there are the Valentine’s Day search engine scams. Cybercrooks
love using fake websites listed on search engines to trick their users into buying Valentine’s Day gifts at big discounts. After the thieves capture their credit card information, the victims end up with no gifts and big fat credit card bills.

Valentine’s Day shoppers on the go love Wifi hotspots because they’re convenient, they’re free and they’re everywhere. Unfortunately, they’re also a haven for hackers because their wireless connections aren’t secure.
If you shop at a Wifi hotspot, you’re very likely to have your heart broken and your identity stolen.

When it comes to your behavior online around Valentine’s Day, don’t let your heart rule your head.

How to Protect Your Identity from Heartless Hackers

∙ Use long strong passwords that combine upper and lower cases letters with numbers and symbols. Use different passwords for every account and change them often.

∙ Use reputable virus and malware protection software and keep it updated. Check out security software sites such as Symantec, Sophos, McAfee and Kaspersky to learn about the latest Valentine’s Day scams.

∙ If an email looks suspicious, don’t click on links in it, even if it appears to be from someone you know. Watch out for emails with grammatical and spelling errors and email links with words in upper and lower case letters.

∙ Only send e-cards from reputable sites like Hallmark.com or Americangreetings.com. Check out the websites of companies you receive e-cards from before opening for anything that looks questionable.

∙ Go directly to websites you plan to shop at. Make sure the web address contains an “https” for added security.

∙ Use one credit card, preferably with a low credit limit, to make all your online purchases.

∙ Avoid making financial transactions at Wifi hotspots.

∙ Adjust your security settings to limit who can access your computer.
Turn Wifi off when you’re not using it.

∙ The best way to protect yourself from identity theft is to use a personal VPN like PRIVATE WiFi™. Virtual Private Networks encrypt the data travelling to and from your computer. That makes it invisible to cybercriminals.

If you’ve been the victim of online Valentine’s Day cybercrime, we’d like to hear what happened to you. Drop us a line and share your story.


  • PrintPrint
  • emailemail
Jan Legnitto

Jan Legnitto is an investigative journalist and documentary producer who writes about criminal justice and intelligence issues. Jan is also a frequent contributor to the Private I blogs.

Other posts by


Comments





FACEBOOK TWITTER

receive privacy industry news

Email:

most commented

questions + feedback

Have a question or a privacy issue that you'd like us to investigate ? Send an to our editors with your comments.