Walking in a Dark Web Wonderland
You better watch out! You better not click!
You might think it is— but that’s not Saint Nick!
Ah, the holidays. Ya gotta love this time of year! It’s that time when our rosemary & thyme-scented homes are filled with our families; when we eat way too much turkey & pie, where we gather to watch football & Macy’s parades, and how we attempt to avoid heated political discussions with angry Uncle Bart. So much to be thankful for!
Thanksgiving-time is our wake-up call to get ready for the holiday shopping frenzy. While this isn’t the only reason to love this time of year; it definitely entices an unspoken ‘je ne sais quoi’ of the holiday season. In the old days (like, three years ago…) we would get up early, run to the mall, and get a jump start on holiday sales. We don’t even have to leave our homes anymore! You can do your all of your shopping in the comfort of your recliner; unbutton bloated pants and all! With most deals starting even before Thanksgiving, you can surely avoid the fist fights and frigid temperatures. Sound like a win-win to me! So what’s the catch?
Well lean in, I got a secret to tell you. *Whispers* Cybercriminals don’t celebrate Thanksgiving.
Shocking, I know. And if they do, they’re biting into a turkey leg as they relentlessly prey on victims behind the blue light of a computer screen. So while we’re adding items to our online cart, they are celebrating in a much different way.
This is what I lovingly refer to as ‘Cybercrime Tuesday.’
Have you heard of it? Not likely, because I made it up; but it’s real I tell you. Just like Santa Claus.
Yup, cybercriminals are hard at work while we engorge on stuffing, touchdowns and big savings.
So how do they do it? Cybersecurity Ventures lists of all of the companies that were hit with major data breaches, just in September alone. Add these to the breaches of Yahoo, Facebook EquiFax, and LinkedIn…and you have millions and millions of victims. Cybercriminals will use the information from all of these people either now, or a decade from now. Info such as email addresses, passwords, social security numbers, addresses, phone numbers, etc. They will wait to strike while we are distracted; or even wait years and years until we’ve forgotten about it all.
So come Tuesday morning, don’t be shocked if you hear about some type of cybersecurity scandal. I sure won’t be.
Imagine on CyberCriminal Tuesday (or realistically any day starting, like, NOW) we all receive an email that looks like it is coming from Amazon, Best Buy, Target, Walmart, FedEx, UPS, or even the Postal Service. The email looks amazingly real, and is not in your Spam folder. It may read, “Your package has been Delayed in Shipping! 🙁 ” or “ Your item is Out of Stock! 🙁 ” or “Your Credit Card is Invalid! 🙁 ” The email then directs you to click on a link to log into your account to rectify the issue. Would you?
Have you ever received a legitimate email like this? We all have. How many millions of folks will buy something online in the next few days? A lot. How many of them would click on the link? Almost all of them.
That’s millions of opportunities for a team of con artists to take home a big pay day.
What actually happens when you click on the link? There are a few things that come to mind:
- You click on the link and get redirected to a phishing website that looks real and you log in with your account credentials. At this time, the cybercriminal uses your account to make purchases for his loved ones. Since he doesn’t have any, he maxes out your credit card and sells all the goods. Cha-ching! Pay day for that guy!
- You click on the link and malware is installed on your device which steals your username and password for all of your sensitive accounts. This is potentially a bigger payout than the first guy!
- You click on the link and ransomware encrypts your entire home network and turns all of your smart TVs, appliances, lights, cameras and alarms into useless devices until you pay the ransom. Big day for the bad guy; horrible day for you!
Am I ruining your holiday season by bringing this up? If you think talking about it is bad, try living with it. I’ve seen thousands of cases where this was someone’s reality. It could be yours if you’re the next victim. Let’s avoid that!
Now I’m not saying give up shopping online and go back to the prehistoric ways of window-shopping. Realize that by Thanksgiving day- Cybercriminal Holiday Season is already in full swing.
Expect (and suspect) all emails to be phishing emails.
They are going to pick up as we get closer to Christmas Day. Imagine how you’d feel if you get that email on December 23rd saying your spouse’s present isn’t going to arrive. Stop, take a deep breath, and think before you click. Even if you think it’s real, DO NOT click from that email. Instead log into your account from the browser by typing in the website. DO NOT get tricked into calling the telephone number on the email. When you call this number you will be connected to a call center and they will either direct you to click on the link or ask for you credit card info. Instead, call customer service from the actual website. Don’t let the Cybercriminals destroy your holiday season.
How many of you clicked on any of the vendors (Amazon, Target, etc) from the long list I linked above? Did you realize I hyperlinked my website, instead of the actual vendor’s websites?
I easily could have been a cybercriminal, linking you to the dark web where I would be waiting to weave my evil schemes. Haven’t you been listening?! Now pay attention!
Next week we are going to talk about purchases with credit cards and debit cards, and which one is better. While you ponder that, enjoy your mashed potatoes and apple cobbler. And before you go buying the new Apple Airpods to tune out Uncle Bart’s voice- think again before you Add-To-Cart. You never know what criminal is waiting for YOU!