Combat the Latest Online Shopping Threats (part 2 of a 2-part series) You better watch out! Cybercriminals are hard at work prying personal information in new and devious ways. Before a bad Santa injects themselves into your holiday gift list, learn how you can avoid the latest Internet scams this holiday season (and every day), and ensure that bad Santa stays off your list. Who’s Infecting Who? By now many Internet users have learned not to open suspicious email attachments, are careful about phishing scams, and avoid peer-to-peer file sharing to keep their computers clean of malware. Now that people are more aware of Internet security best practices, cybercriminals have had to step up their game. “Cybercriminals have learned how to exploit website vulnerabilities to inject malware on reputable websites,” according to Tom Serani, EVP, Business Development at Sitelock. Websites with heavy traffic attract attention from fraudsters wanting to steal shoppers’ personal information presenting an even greater challenge to online shoppers. However, that doesn’t mean that you shouldn’t join the holiday bustle. “Online shoppers should be aware of the sites they’re visiting and avoid transacting on websites that do not have malware protection,” suggested Serani. Websites that have malware protection display a seal like the Sitelock Trust Seal, which appears at the bottom right corner on website’s protected by Sitelock. The SiteLock Trust Seal, for example, will show the last date that the website was verified as malware free, so it should always be up to date. If not, customers should consider taking their purchase elsewhere. Don’t Call Me. I’ll Call You. Has this happened to you? A “helpful” caller gets you on the phone claiming to be from a well-known software company and wants to help you remove a virus from your computer. Little do you know that this “friendly” call is actually a fraudster looking to gain access to your computer to drop a piece of malware on it. This will enable them to take control of your computer in order to carry out fraudulent transactions using your credentials, or to inject malware designed to grab your personal information. Always know, tech support professionals generally don’t initiate these phone calls, they respond to yours. Don’t trust a random caller even if they claim to be from a reputable company. Make Your List... ...And check it twice (or more) to avoid getting caught in an online attack. Old threats are still as active (and relevant) today as new ones.