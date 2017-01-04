Protect yourself from cybercrime this Chinese New Year

Avoid becoming a victim this holiday season by following these essential cybersecurity and anti-fraud tips.

With the Christmas festivities barely behind us, Chinese New Year decorations are already up across shopping malls and websites across Asia. Just like Christmas, annual e-commerce spending during this period reaches record heights, making it the perfect time for cybercriminals to exploit and deceive shoppers.

For anyone who is unfamiliar, one key difference during this holiday is of course the giving of little red envelopes (called hongbaos) containing money to family, friends and associates. While the practice is much loved by the young, it is less so by the not-so-young.

Thanks to China's wonder-app WeChat and many other remittance services, it's now becoming increasingly popular to send digital hongbaos. Since cybercriminals have already taken notice of this trend, fraudulent digital hongbaos have become one of the most widespread scams during this period.

Having clicked on an embedded link, unsuspecting users may end up on phishing pages that ask for sensitive financial details. Shenzhen Daily reported an incident where a man who received a rogue red envelope, filled out his banking credentials (account number and password) in an app downloaded from a linked-to website. Shortly afterwards, he discovered that almost $1,000 went missing from his bank account. Recipients of digital hongbaos should stay vigilant and refrain from disclosing their personal information, no matter how luring the gift may appear.

Cybercriminals also capitalise on Chinese New Year festivities by sending massive quantities of holiday-themed spam emails, sending booby-trapped files to numerous users. By opening these catchy email attachments, victims can unwittingly execute malicious payloads. This tactic is particularly used to spread file-encrypting ransomware that holds one's data hostage and extorts money in exchange for decryption.

Whilst there is no perfect solution for consumers to protect themselves online during the upcoming holiday period, here are some of the best practice tips to help protect yourself:

Consider the reputation of the online store or app you are about to buy from. Have you heard of it before? Do you know anyone who has used it before? Remember, if something looks too good to be true, it usually is.

When using a website, take a look at your browser and make sure your connection is SSL protected before inputting any private information. This SSL link ensures that all data passed between the web server and browsers remain private and integral. You can spot whether the website you are on is using an SSL connection by checking for the following:

a. The padlock symbol appears in the address bar to show you that your connection to the server is secure. If this does not appear or if the padlock symbol is broken, then the page does not use SSL.

b. The website owner's company name is displayed in the address bar, separately from the URL.

c. The start of the URL changes from HTTP to HTTPS.

Avoid using public wireless hotspots when making transactions. Only use your own computer for this purpose.

Choose passwords that no one will guess easily, that are at least eight characters long and which include at least one number and one upper case letter. Also, never share or reuse your passwords. One way to help you remember your passwords is to use similar but distinct password for each account.

If your computer or mobile device prompts you to update your operating system or a particular piece of software, avoid the temptation to continually postpone the update. Older versions of software are often less secure, leaving you vulnerable to malware, so take the time to update your software.

Use a separate credit card with limited funds on it for online shopping.

Enable SMS notifications for all card transactions.

Check your bank statements regularly, for instance, on a weekly basis.

Identify your most sensitive data and back it up.

Never download attachments or click on links in emails from unknown senders.

VPN (Virtual Private Network) solutions are a worthwhile investment because they conceal your online activity from criminals.

Use a reliable Internet security suite that will block malware and raise red flags on online frauds and phishing attempts. Be sure to install a mobile antivirus too.

