Cybersecurity tips from Unit 42 for the upcoming holiday season

Jen Miller-Osborn, Deputy Director of Threat Intelligence Unit 42 at Palo Alto Networks, offers cybersecurity tips for the upcoming holiday season.

2020 has been a year like no other, with the COVID-19 pandemic changing our everyday lives – particularly the way we celebrate the holidays. As a Unit 42 threat researcher, my mind goes to the holiday shopping season and helping consumers stay safe online.

Just as holiday decorations seem to go up earlier and earlier each year, the surge of online shopping seems to start earlier every year too. The existing trend has grown even more pronounced with many retailers advising customers to shop earlier than ever due to potential pandemic-related shipping delays. Amazon Prime Day on Oct. 13 and 14 has become an unofficial start to the holiday shopping season, followed by Black Friday and (of course) Cyber Monday. That all leads into Christmas, Hanukkah and other winter holidays.

However, with an extended holiday shopping season – one that will be predominantly online due to COVID-19 – come more opportunities for cybercriminals to target consumers with a variety of attacks.

To help you avoid the top four threats that consumers should be aware of, here are Unit 42’s 2020 cybersecurity tips for safer holiday shopping.

Protect against ransomware by separating work and personal devices.

2020 has been the year of ransomware. Attackers have been brazen during the COVID-19 pandemic, primarily targeting healthcare organizations, educational institutions and municipalities.

While attackers have largely targeted the enterprise and public sector this year, we may see consumers who are working from home and doing their shopping on their work devices get targeted by attackers. The goal for the attackers would be to compromise the consumer’s work device, get on the corporate network and infect the organization with ransomware.

Consumers should remember to do their work stuff on their work device and their personal stuff on their personal device. This avoids giving attackers an opportunity to target a consumer’s employer.

Examine email offers carefully to avoid phishing scams.

The most common threat vector for attackers is the phishing email. It’s easy and it works, and it’s another area where we’ve seen attackers emboldened during the COVID-19 pandemic.

During the holiday shopping season, consumers should be on the lookout for a variety of phishing scams, such as fake shipping notices, fake order confirmations and bogus charities.

Remember to think before you click. Don’t click on links from unknown sources. If a deal or offer seems too good to be true, it probably is.

Double-check domain names to ensure you’re visiting the website you intend to visit.

One of the top threats that Unit 42 has observed this year is cybersquatting, where cybercriminals register domain names that appear related to existing domains or brands, with the intent of profiting from consumers’ typing mistakes. The purpose of squatting domains is to confuse consumers into believing that legitimate brands own these domain names (for example, convincing people that walrmart44[.]com belongs to Walmart).

With consumers primarily doing their holiday shopping online this year, attackers will be active in setting up squatting domains that are similar to the stores where people love to shop. For example, Unit 42 discovered that Amazon is one of the top abused domains in 2020.

Consumers should make sure that they type domain names correctly and double-check that the domain owners are trusted before entering any site. Look for that lock symbol or the “https” in the browser.

Keep an eye on credit card statements to catch formjacking attacks and other suspicious activity.

Another top threat that Unit 42 has observed this year is formjacking, where cybercriminals inject malicious JavaScript code to hack a website and take over the functionality of the site’s form page. It is designed to steal credit card details and other personal information from payment forms that are captured on the “checkout” pages of shopping websites.

The challenge for consumers who are doing their holiday shopping online is that formjacking attacks are difficult to detect. Your transaction will go through, but behind the scenes, your credit card information is being stolen by attackers – and could potentially be sold on the dark web.

Consumers should make sure to double-check their credit card statements to ensure there’s no suspicious activity.

In general (not just related to formjacking), consumers should always use a credit card, or prepaid gift card, when making purchases online. This ensures a quick resolution in the event that a cybercriminal gets the card information and makes, or tries to make, a purchase. With prepaid gift cards in particular, it also limits the amount of money a cybercriminal has the potential to steal.