In my previous article, I advised you on how to protect yourself against attempts to steal your money while shopping online. I promised to analyze another problem – how to find shops you can trust and recognize those you can’t.
There are many e-shops and online markets on the internet. Some have a perfect reputation, some do not. From time to time there is a headline in the papers about “another fraudulent website” followed by speculation of how much money was actually stolen. How do you screen the good shops from the bad ones? Let us start with a few tips:
You can generally trust
- Well-known and long established online shops
- Shops your friends recommend to you, based on their experience
- Shops with professional-looking websites and working customer support
Be careful when
- A shop offers goods too cheap – for example a new iPhone for $20
- Websites with limited functionality and errors
- A shop hosted in some unusual country – check the domain name in the address bar
- Respond to offers sent via spam
- Initiate shopping when you get the alarm from avast! Antivirus, or the web-browser for that e-shop
Beside those tips you can use some crowd-sourced reputation service where people visiting that shop can cast a vote about their experience. This can be very useful. Having a lot of positive feedback is a good sign you can trust the shop in question. Mixed, negative feedback signal potential troubles. When there is limited or even no feedback at all, it means the shop is brand new or not widely used. When you come across a shop like that, be very cautious – most of the fraudulent webs have a short lifespan.
There are two reputation services I can recommend you. The first is our avast! Online Security browser plugin which is a part of avast! installation. The second widely used and reliable is Web Of Trust.
Speaking about the reputation, I have one warning for you. The reputation some shops present about themselves can easily be a product of forgery. When you visit a fraudulent site, it will probably be overfilled by fake positive reviews to lure more victims. Trust the reputation and references from friends or independent sources.
How to pay
When using a smaller online shop, unlike the well-known big ones, it is generally a good idea to not give your credit card details directly, but to use some payment service such as PayPal. In this way you can pay for the goods or service without exposing your crucial information. Another option is a pay-on-delivery service. I would be personally very reluctant to trust my credit card to a shop I have seen for the first time in my life. If such a shop accepts only directly entered credit cards, I would rather go buy somewhere else.
There are many threats lying in wait for internet users. Stay protected with avast! Antivirus and please, be cautious about where you conduct online transactions. One last thing – please, share these tips; the topics discussed in these two articles are still new for many people, and you certainly don’t want to see your friends or family members falling victim to cybercrooks.
Enjoy the upcoming shopping season!
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.
Seasonal shopping fever starts with Black Friday and Cyber Monday in a few weeks, but we’ve already seen terrific sales offered online by retailers getting an early start. Every year more people make their purchases online, with the intention of saving time and money and avoiding the crowds. There are, however, some people who love the shopping season for different reasons. These are people we all want to avoid – Cybercrooks. They study our shopping behavior with one thing in mind – to take advantage of us for their own profit. Here are a few tips to lower your risk of falling victim to cybercrooks.
Protect your credit card well
The most important rule is to protect your credit card. While shopping online, the only information you generally need to authenticate a payment are the numbers written on both sides of your card. Along with the PIN code, these are crucial for the security of your banking account. Be very careful who you entrust with them.
- Never let anyone write down your card number or take a photo of it
- Never send those credentials by email, SMS, or tell them over the phone
- Never give your card to a website you do not trust or which does not use a secured (encrypted) connection
- Process your credit card data only from a clean (without malware infection) computer
- Limit the maximum value payable over the internet at your bank
Some of the points mentioned above require in-depth explanation. Let’s take a closer look at them. Read more…
I am quite surprised at how inventive people can be when it comes to the thinking up weak passwords. The obviously weak combinations like ’1234′ or ‘qwerty’ along with names and phone numbers are quite common parts of passwords.
The story begins with me fighting a familiar piece of malware, Bicololo, which is spyware designed to steal the identity from users of Russian social networks. A routine task you might say. This time the authors were less cautious with settings on their rogue servers, so I managed to get hundreds of freshly-stolen credentials. What to do with them? The first thing I tried was contacting support of the affected social network to get users warned and passwords reset. Unfortunately, my effort met no success there; they did not even bother to answer my mail! So instead of getting to warn hundreds of innocent users on the Russian social network, I used this unique opportunity to analyze the habits users have regarding their passwords and share it with our AVAST readers.
Once I cleaned up the data, I received about 850 unique combinations of username-password pairs. This is not enough variants for the results to be widely representative. The data was obtained from a rather specific group of (less experienced) users whose lack of knowledge allowed their computers to be infected. I expect the general reality to be a bit better than my results. Though my findings are not scientifically-correct, they can give us some insight into the problem and show us examples we should avoid while choosing our passwords. Read more…
In October we wrote on our blog about a spreading Russian Trojan horse named the Bicololo. Since that time, the malware has continued to evolve and spread even further. Nowadays avast! saves several thousand PCs every day from its infection.