Christmas, time for gifts, decorations, cold and snow. As well as hackers, ransomware, phishing emails, online fraud and cybercriminals. The shopping period has always been the one that appeals to the bad guys. Always, but this year more and even earlier: already in October, in the long period avvicinamento a Black Friday e Cyber Monday, there was a 178% increase in dangerous sites related to shopping and offers, while in November more than 5,300 popped up and proved to be real traps. Over 5300 per week.
The data comes from Check Point Software Technologies, an Israeli company engaged in cybersecurity, active in almost 90 countries around the world, which has about 6 thousand employees, over 100 thousand customers and two offices also in Italy, in Milano it’s at Roma.
Tardigrade, the virus that attacks the production of vaccines and medicines
by Arturo Di Corinto
The danger comes from e-mail
The problem is the year that was 2021, in which more or less all of us worked, studied and had fun remotely, through the computer or smartphone: according to the surveys, cyber attacks have grown in the world by 40% compared to 2020, with one in 61 companies getting hit with ransomware every week. In Italy it is worse, as they explained to us Marco Urciuoli e Marco Fanuli, respectively country manager and leading security engineer of Check Point Italy: in our country, in the last 6 months, a company is attacked on average 964 times a week (in Europe the average is 717 attacks per company) and 93% of malicious and dangerous files are delivered to us by mail.
And here we return to the discourse of ecommerce and its dangers, because a lot of these e-mail messages advertise incredible discounts and unmissable offers, to get people to click, get to a site that isn’t what it seems, leave their personal details (and perhaps their credit card details), and allow hackers to get what they were looking for. Moreover, very often these fraudulent sites they imitate the real ones, of giants like Amazon, Dhl, Best Buy, PayPal and many others, just to make us believe we are safe. Which, however, is not true.
The dangers of mistaken identity (and artificial intelligence)
Then there is everything else, from vishing to Smsishing, up to deepfakes. The first term indicates the cases of emails that seem to be sent by colleagues, or in any case by acquaintances, and are inserted in the middle of conversations that we were actually having with those people, making their identification even more difficult: this is what happened to Ikea employees recently. Instead, the so-called Smsishing, as perhaps the name implies, is realized through sms, short text messages that inform us about something on which actually we were waiting for information (a package we were waiting for, maybe) and which contain a link that we should click on. However, he ends up getting caught in a trap.
Unfortunately, that’s not all:
there are cyber attacks related to the coronavirus and anti-Covid vaccination, with fake news artfully created to carry out phishing operations and scams;
there are the new risks brought by cryptovalute, which are created via software and therefore are a new breeding ground for cybercriminals;
there is the question of deepfake, the perfect fakes created with the use of artificial intelligence, which bad guys can use to manipulate opinions and convince us to do something we didn’t want to do.
United Arab Emirates and Israel united in cybersecurity cooperation
by Benedetta Paravia
6 tips to reduce the risk
Maya Horowitz, Check Point’s Vice President of Research, recalled that “in 2021, cybercriminals have adapted attack strategies to take advantage of vaccine obligations, elections and the transition to hybrid work, to target companies “, that” we can expect a huge increase in terms of ransomware and attacks on portable devices “and above all that” companies will always have to be more aware of the risks and make sure you have the appropriate solutions for anticipate attacks“. To prevent, instead of reacting.
This applies to companies and the business world, but what about us? We ordinary people, that maybe we would just like to shop online for Christmas in peace? For us there are 6 tips prepared by Check Point:
buy always from safe sources and reliable, therefore do not click on promotional links received via email or found on social networks;
beware of sites that look like they are not, also checking the spelling in emails or pages;
don’t be fooled by impossible offers, because really “the new iPad will not be discounted by 80% at Christmas”, even though we might like to;
always look for the padlock in the address bar e https instead of http, because making an online transaction from a site that does not have SSL encryption installed is a bit of a search for it;
always pay attention to password reset email, especially if not requested, avoiding clicking on the links they contain and indeed going to check if everything is in place on the site to which they refer;
in case of corporate network they are connected multiple devices, to secure all these devices (the so-called endpoints).
They seem more or less the same advice as always, right? That’s right, but that’s why the mistakes we make are more or less always the same: the fault is not of those who repeat the same recommendations to us, but of us who do not follow them.