Site educates on holiday-themed online threats

Did your brother-in-law really send you a singing holiday card? Did a long-lost friend from college really include you on this year's list?

One inexpensive way to send holiday cheer may be to send e-cards, but security vendor AVG warned on Tuesday that online criminals are taking advantage of the fact most people don't know the difference between a legitimate e-card and one hosting malware.

Last week security vendors warned of a Trojan horse masquerading as holiday-themed e-cards from McDonald's, Coca-Cola, and Hallmark.

To better educate the public, AVG has launched a site, "Slam the Holiday Scam,", co-sponsored with CyberStreetSmart.org and i-Safeworking, and is working to team with various online safety organizations such as the National Crime Prevention Council, the FTC's Bureau of Consumer Protection, CyberStreetSmart.org, i-Safe, the National Cyber Security Alliance, and Consumers Union, and Protection from Brand Infection.

The tips, which should be familiar to most online users, include:

• Don't open attachments because most legitimate e-cards include links to the company's Web site that allow you to go directly to your card.
  
• If something looks a little strange or "phishy" just delete the card.
  
• Use security software on your desktop.
  
• Watch out for misspelled words or names, a disguised name (such as Your Friend, A Secret Admirer), or an odd URL.
  
• Always read the fine print before accepting any terms.
  

Also on the site is a free 90-day trial of AVG Internet Security, which includes antivirus, antispyware, and antirootkit protection plus a personal firewall and Linkscanner protection against malicious Web sites.

[redrobes]

Yeah, it's a shame that this continues to be a problem, especially around the holidays. I'm seeing a lot of similar news items about online shopping -- 'tis the season for phishers to do their thing with unsuspecting folks searching for gifts.

One bit of advice I'd give fellow consumers is to really examine the sites they're buying from (or sites they click through to) -- all vendors should have some kind of protection, and the most trusted have gone through a detailed review to receive extended validation ssl certs (I've seen too many scams in my day, so I only buy from EV SSL-protected sites now). I strongly urge merchants to update their security before the holidays are up -- and consumers, look for that green url bar.

[derekde]

We actually design <a href="http://www.progressivemediagroup.ca/corporate-holiday-ecards.php">corporate holiday e-cards</a> and we found in 2006 and 2007 malware infected e-cards was more of an issue, than last year. Although, last year, we still had a few who were 'concerned'. It is a shame how this medium is still being exploited. But, it's great to see so many online safety organizations helping to educate people.

[derekde]

Opps! sorry about the html in the comment :(