Online Shopping: Things that Internet Users Should Keep in Mind

24 days – 24 tips – 24 chances to enter and win

11/30/2012 | Bochum (Germany) 

There are good reasons why online shopping has been extremely popular for years: no need to look for parking, no long queues at the checkout and no hectic while looking for presents. Christmas is the busiest time of year for Internet merchants, but not just for them: G Data is expecting cyber criminals to once again increasingly target online buyers this year. Over the next few weeks, there will probably be more spam emails offering apparent bargains, fake parcel delivery service notifications and alleged shipping notifications from large online retailers luring unsuspecting recipients into malware and phishing traps. G Data lists three of the top dangers when buying presents online and explains what Internet users can do to protect themselves. In addition, the awareness campaign "Safe Christmas 2012 – no chance for online fraudsters" with daily expert tips for Internet users and a big interactive Facebook campaign will start on the first of December.

24 days – 24 tips – 24 chances to enter and win
This coming Saturday, G Data will start its awareness campaign for safer online shopping and Internet surfing under the motto "Safe Christmas 2012 – no chance for online fraudsters". Each day, the G Data Christmas calendar will open a new door with a new safety tip. With this campaign, G Data wants to make Internet users aware of the tactics used by online criminals and malware distributors, because these tend to be particularly active in the period leading up to Christmas. In addition, it aims to encourage people of all ages to join in to make family members, friends and acquaintances aware of this issue. G Data is thus asking all Internet users to submit their own security tips to The best user tip of the day will be published on the G Data website ( and Facebook page. As a thank you, each winner will receive a great prize: prizes include full versions of G Data software, trendy security Christmas presents and an original G Data Christmas tree.

Fake shipping notifications
Christmas presents that have been ordered are usually delivered by parcel services. Criminals exploit this and send fake emails with shipping notifications and bills. These messages suggest, for example, that a package could not be delivered or that a new invoice for a shipping order is available in the customer centre. When users call up these links, computer malware can install itself on the computer unbeknownst to the user. Such spam emails often contain a file attachment that is also infected with malware. If a user clicks on the attached file, the malware might, for example, execute spyware that records all future key entries, e.g. login data for payment services or online banking.

Bargain traps
In the spam emails, fraudsters promise brand name products such as luxury watches or expensive designer brands at very low prices. The integrated links lure users either to websites infected with malware or to a fake online shop where banking and other data is stolen during an ordering process. Emails of this type can often be easily identified by their subject lines, which are along the lines of "Christmas Sale, Thousands of luxury goods for under $100".

Dangerous Christmas greetings
Another popular strategy in the Christmas period is to send fake Christmas e-cards. These can contain file attachments with a variety of popular malware strains or a link leading to an infected website.

Five security tips for safer Christmas shopping:

  • 1.    Take a close look: Before you make a purchase, take a close look at the online shops and check their reputation. This includes reading the general terms and conditions, the legal notice, and checking shipping and any additional costs. Users can also research whether the respective online shop or vendor is known as a "black sheep".
  • 2.    Paying online: During the payment process, users should pay attention to their browser's security notifications to ensure that data is being transferred in encrypted form. The important things to look out for are: the padlock in the status bar or address line, the "https" abbreviation before the address you entered, the green background in the address line in most modern browsers and the right top level domain being displayed.
  • 3.    Straight to the bin: Ideally all spam email should be deleted without being read. Users should not open integrated links or file attachments under any circumstances. Links to online banking sites, online shops or payment services should ideally be typed into the browser manually. In doing so, you should take particular care to avoid typos, since criminals use these to lure buyers to fake sites.
  • 4.    Closing security holes: You should use updates to ensure that your operating system, installed software and apps are always fully up-to-date. This not only applies to PC users but also to smartphone and tablet users.
  • 5.    Secure banking: When using online banking, you should make sure you use a two-way authentication procedure that is as safe as possible. G Data BankGuard – the only protection against known and unknown banking Trojans – provides additional protection during online payment transactions. Buyers who use a payment service provider to pay invoices should use a provider that offers buyer protection.

Daniëlle van Leeuwen