It’s Beginning to Look a Lot Like the Holiday Shopping Season

In the U.S. it’s Thanksgiving week and that means after Thursday, the holiday season will be in full force. Not only is it time to bring out the tinsel while jamming out to Michael Bublé’s holiday CD (I can finally listen to all the holiday music I want without judgment), it’s also time to buckle down on your holiday shopping. Have you made your holiday shopping list yet? Luckily, in the U.S., the biggest shopping days of the year are coming up meaning lots of shopping deals at stores on and offline to help you complete your holiday shopping list.

There are people out there who are really gung-ho about Black Friday—camping outside a department store the night before and fighting the masses for the half-price widescreen tv. That’s not really my style; I’m more of a Cyber Monday kind of guy. I just fire up my computer or tablet and start clicking and then boxes magically arrive at my house…well maybe not magically.

Online shopping is convenient for the holiday shopper. No lines, no braving the sometimes nasty winter weather, no crowds—you can buy almost anything and never leave your couch. Although online shopping is a great way to complete your holiday shopping list, you should take a couple precautions while online to keep your personal and financial information safe from hackers.  Along with avoiding the 12 Scams of the Holidays, here are the top 5 tips to help you stay safe while shopping online this holiday season.

  • Be wary of deals. Does that 90% off blowout sale of iPhones sounds too good to be true? It probably is. Any offer you see online that has an unbelievable price shouldn’t be believable. Beware of spam emails with links to awesome deals, as it’s particularly dangerous to buy on a site advertised in a spam email. I recommend using web protection, like McAfee® SiteAdvisor® provides easy to results to protect you from going to a malicious website.
  • Use credit cards rather than debit cards. If the site turns out to be fraudulent, your credit card company will usually reimburse you for the purchase; and in the case of credit card fraud, the law should protect you. With debit cards, it can be more difficult to get your money back and you don’t want your account to be drained while you’re sorting things out with your bank. Another option savvy shoppers sometimes use is a one-time use credit card, which includes a randomly generated number that can be used for one transaction only. If the number is stolen it cannot be used again. Using this type of credit card also ensures that a thief does not have access to your real credit card number.
  • Review the company’s policies. Look to see how the merchant uses your personal information and check to make sure that it will not be shared with third parties. You should only disclose facts necessary to complete your purchase and not any additional information about yourself. Also, check the website’s shipping policy and make sure it seems reasonable to you. You want to make sure that you understand all your shipping options and how they will affect your total cost of your online purchase.
  • Check that the site is secure. Find out if a company’s website is secure by looking for a security seal, like the McAfee SECURE™ trustmark, which indicates that the site will protect you from identity theft, credit card fraud, spam and other malicious threats. Make sure the site uses encryption—or scrambling—when transmitting information over the Internet by looking for a lock symbol on the page and checking to make sure that the web address starts with httpS://.
  • Only use secure devices and connections.  If you are using a public computer, information such as your browsing history and even your login information may be accessible to strangers who use the computer after you. Also, never shop using an unsecured wireless network because hackers can access your payment information if the network is not protected.  To protect yourself, do all of your online shopping from your secure home computer. When shopping at home, make sure all your devices are protected with comprehensive security like McAfee LiveSafe™ service which protects all your PCs, tablets and smartphones.

Think these tips are great? Spread the knowledge with McAfee and Dell’s Season of Sharing sweepstakes*. It’s easy—just head over to and share the #12Scams content on your social profiles. The more you share the more chances you have to win a $1,000 Dell Gift Card** and a 1-year subscription to McAfee LiveSafe.


*No purchase necessary. Valid only in the U.S. from Nov 4 – Dec 12.
** Terms and conditions apply. See


RobertSicilianoRobert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.


The post It’s Beginning to Look a Lot Like the Holiday Shopping Season appeared first on McAfee Blogs.

Koler Ransomware Extorts Money from Users

Hands up! Law enforcement agencies want you to pay for your crimes—but wait, what crimes did you commit?

While your record may be squeaky clean, this malicious Android app sure isn’t and its makers are doing everything they can to extort money from consumers. I’ve discussed mobile apps that attempt to steal money from users before, however the particular piece of ransomware up for discussion today is a different beast entirely.

Known as Koler, this Trojan takes over a user’s device and prompts him or her with fake notifications from various law enforcement agencies, attempting to trick them into to paying for their “crimes.”

Koler has been on researchers’ radars since May. However, the discovery of new variants in October revealed an added component allowing Koler to spread from phone to phone through text message bringing a new dimension to the ransomware.

Once Koler is installed on a mobile device, it will open a persistent window that covers the entire screen and displays a message from local law enforcement agencies, accusing users of indulging in child pornography—a very heavy allegation. The ransomware requires victims to pay a fine using prepaid MoneyPak cards before they can regain control of their phone and get rid of the notification window.

Koler is able to display localized ransomware messages in more than 30 countries, including the U.S. In order to spread to more mobile devices, Koler will send a text message to every contact in the address book of an infected phone. This message displays a shortened URL linking to Android application package file IMG_7821.apk, hosted on DropBox. If the recipient of this text installs the app, he or she will also unknowingly install Koler and become vulnerable to the scam.

This ransomware is extremely difficult to uninstall as the window it opens encompasses the entire screen, making navigation impossible. Therefore, a user must reboot the device in safe mode before Koler can be successfully uninstalled.

With malware such as Koler rapidly spreading across mobile devices, it’s extremely important for users to put an emphasis on the security of their phones. Here are a few quick tips that you can implement to protect against ransomware such as Koler:

  • Be sure the “unknown sources” option on your Android device is turned off. In the Android security settings menu, there is an option for users to install apps from sources outside of Google Play. When this setting is turned off, that device will not allow mobile apps from unofficial stores to be installed. Since the majority of malicious apps come from third party app stores, it’s a good idea to keep this setting off—permanently.
  • Don’t download files or click on unknown links. A good rule of thumb to remember is if something looks out of place or comes from someone unfamiliar, it should not be opened on your phone.
  • Take an active role in securing your mobile device. Although having security software installed on your device is an essential part of protecting your privacy, it is important that users be aware and take proper measures to avoid infection. McAfee® Mobile Security is free for both Android and iOS, and offers a variety of protections, including ones to help avoid ransomware like Koler for Android users.

To keep up with the latest security threats, make sure to follow @McAfeeConsumer on Twitter and like us on Facebook.


The post Koler Ransomware Extorts Money from Users appeared first on McAfee Blogs.

How To Avoid Being Cyber-Scammed this Christmas

Christmas is my absolute favourite time of year.  I love the Christmas Concerts, the carols and the ridiculous number of social gatherings.  However whilst most of us are enjoying a good dose of Christmas cheer, there is unfortunately a group of ‘cyber scammers’ plotting to take advantage of many people during the festive season.

McAfee has announced its annual ’12 Scams of Christmas’ list to educate Australians on the most popular ways cybercriminals scam consumers during the festive season.  Whether it is fake charities, good old phishing scams or a virus enhanced e-card, cyber scrooges spend a lot of time and energy scheming the best ways to take advantage of us during this busy time of year.

With the latest industry analysis showing that online shopping in Australia is up 13% from the previous year to date and 83% of Aussie retailers predicting higher online sales than last Christmas, there is a clear need for consumers to protect both themselves and their devices during the upcoming Christmas retail-fest!

So, in an effort to keep you all safe, I am sharing McAfee’s Top 12 Christmas Cyber Scams for 2014 and some tips on how to avoid them.  Please read and absorb:

  1. You’ve Got Mail – With online shopping growing exponentially, the risk of contracting a virus through a dodgy shipping notification or phishing scam is increasing.

Tip – Instead of clicking on links in a shipping notification, go directly to the site and enter your tracking number.


  1. Deceptive Advertising – Dangerous links, phony contests and bogus gift cards designed to steal your personal info will again be rife this festive season.

Tip – If a deal or advertisement looks too good to be true, it probably is.  Don’t click links, go straight to the retailer’s site.


  1. Chilling Charities – Beware of fake charities that could reach you via email or that are shared virally via social media.

Tip – Look for the seal and trust mark on a charity’s website before opening your wallet.  Always do an online search of the charity.


  1. Buyer Beware – There are some scams that you just can’t help but fall victim to.  The recent Target and Home Depot point of sale scams in the US are examples of this.

Tip – Check your credit card statements vigilantly


  1. Dodgy Apps – With a plethora of Christmas apps available, ensure you only download apps from trusted sources.  McAfee Labs recently found a suspicious Android app on Google Play (ACCLEaker.a) that secretly collects a device user’s google account ID, Facebook account ID and Twitter account name.

Tip – If the app requests too many permissions do NOT download it – it maybe requesting access to info on your phone that should remain private.


  1. Getting Carded – Hackers love packaging up bonus viruses with an e-card.  So, only use well-known e-card sites.

Tip – Be wary of gift cards from unknown senders.  Most recently, a US scam campaign took the personal information of AT&T users simply when they opened an email that claimed they were the recipient of a Starbucks gift card.


  1. Christmas Travel Scams – With travel on the rise over Christmas, online scammers are ready and waiting with fake travel links.  Also be wary of spyware at your destination that can access your information through logging onto infected PCs onsite.

Tip – Be wary of sites that request money or credit card information.  If you are renting a private holiday home, triple check the address on the rental site to ensure it is legitimate.


  1. Bank Telephone Scam – Beware the fake phone call from a bank stating that the user’s account has been compromised and requesting personal information including the account password, to make changes.

Tip – If you get a call from your bank about your account, ask to call them back.  Hang up, and call them back through the official line.


  1. ATM Skimming – Criminals can access your info at ATMs by installing skimming devices to steal the data off your card’s magnetic strip using either a video camera or keypad device to capture your PIN.

Tip – Beware of your surroundings when you are withdrawing money.  If you see any loose wires or parts that have been tampered with, leave immediately.


  1. ‘Year In Review’ Traps – Many news services capitalise on the holidays by developing “Year in Review” articles.  But remember not all these stories are developed with pure intention.  Links from phony sources could infect and compromise the security of your devices and your digital assets.

Tip: Be very cautious when visiting unknown URLs.  Visiting unknown URLs could result in landing on phony websites set up to spread malware or steal personal data.


  1. BYO…Device – With an increase in travel, activity and bubbly over the festive season, people are more likely to forget/lose their smartphones when they are out and about.

Tip – Ensure your digital assets are protected.  Always enable locate-lock on your phone and keep your PIN protected at all times.


  1. Beware USB Blues – Branded USBs often find their way into Christmas hampers.  Beware of using these as undetectable malware can sometimes pre-installed on them.

Tip – Avoid using USBs that you did not purchase yourself.  Stick to the ones you have kept secure.


If you do plan to search for deals online, use apps or open shopping related emails, you absolutely must invest in some comprehensive security software for your entire household’s devices such as the McAfee LiveSafe™ service, which protects all your PCs, Macs, tablets and smartphones.  The LiveSafe service also includes the McAfee® Mobile Security app, which protects your smartphone or tablet from all types of malware.


Till Next Time,

Safe Shopping & Happy Christmas

Alex xx

The post How To Avoid Being Cyber-Scammed this Christmas appeared first on McAfee Blogs.

‘Tis the Season for the 12 Scams of the Holidays

Fa la la la la, la la la la. Yes that’s me singing, but thank goodness you can’t really hear me (I save that for the shower). If you can believe it, it’s that time of the year again (even though it seems like we just finished Halloween). Time for holiday parties, family traditions, ugly sweaters, and… scams? Yes, that’s right. Now that the holiday season has begun, many of us are sharing, shopping and booking travel online— even more than we normally do.

And scammers know that with all that money and personal information floating around, they have a big opportunity. Using techniques like phishing, social engineering, fake charities and infected USB drives, cybercriminals can invade your privacy and drain your bank account.

Don’t let these hackers and thieves dampen your holiday cheer. To help you stay safe this season, McAfee has compiled a list of the 12 Scams of the Holidays. Check it out and educate yourself on what scams you need to look out for this holiday season.


Here’s some tips to help you stay safe during the holidays:

  • Be careful when clicking. Don’t click on links in email or social media messages from people you don’t know, and use a URL expander to know what site you are going to before clicking on a shortened URL.
  • Be suspicious. If a deal seems too good to be true, it probably is.
  • Practice safe surfing. Use a Web safety advisor, such as McAfee® SiteAdvisor®, that protects you from going to risky sites.
  • Avoid public Wi-Fi. Public Wi-Fi might be convenient, but it’s also accessible to anyone who wants to see what you are doing online.
  • Shop safely online. Make sure you stick to reputable e-commerce sites that have been verified as safe by a third-party Trustmark, like McAfee SECURE™. Also look for “https” at the beginning of a site’s URL, which indicates that the site is using encryption to protect your information.
  • Use security software on all your devices. Make sure you have comprehensive security protection, like McAfee LiveSafe™ service, for all your devices, including your mobile phone and tablet that also safeguards your data and includes identity protection.

Season of Sharing Sweepstakes

To make sure that we all have a safe and merry holiday, McAfee and Dell have teamed up to bring you the Season of Sharing Sweepstakes—and give you a chance to win prizes. By sharing safe shopping and online safety tips around the 12 scams with your friends and family, you’ll not only be helping others to stay safe online this holiday season, but you’ll also earn a chance to win a $1,000 gift card to** along with McAfee LiveSafe service to make sure all your devices are protected!

‘Tis the season to be jolly, so make sure you stay safe online.


*Sweepstakes open to US residents only. NO PURCHASE NECESSARY. Sweepstakes is from November 4 – December 12, 2014. See for full terms and conditions.
**Terms and conditions apply. See


RobertSicilianoRobert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

The post ‘Tis the Season for the 12 Scams of the Holidays appeared first on McAfee Blogs.

Spread the Joy with the Season of Sharing Sweepstakes

Did you have a great Halloween? I loaded up on lots of delicious trick or treat candy to last me at least until all the Christmas treats appear. But Halloween is over and it’s time to switch out the ghouls, pumpkins and tombstones for string lights, Christmas trees, and tinsel.  Yes, I know I skipped over Thanksgiving (for those of us in the US), but my local stores have had holiday decorations up since September. The holiday season is officially here!

The holiday season is a time of family, friends and tradition but it is also a busy time for hackers and scammers. They’ve planned all kinds of tricks to steal your money, information and cheer, knowing that this festive time of year is when we tend to let our guards down. It’s important to stay digitally safe during the holidays.

This year, McAfee and Dell are partnering to bring you the Season of Sharing Sweepstakes! It’s super easy to participate, just share content about how to avoid these holiday digital dangers with your friends and family. And you’ll have the chance to win a $1,000 gift card to and 1-year subscription to McAfee LiveSafe™ service.

Here’s how you can help spread the joy so we can all avoid the 12 scams of the holidays.



  1. Go to
  2. Sign into the page using your Facebook or Twitter account.
  3. Share the 12 scams content from the social feeds on the page to earn entries into the sweepstakes. The more you share, the more entries you get!
  4. Sit tight for winners to be announced on December 17.



  • Grand Prize: 1 winner will receive a $1,000 gift card to and a 1-year subscription to McAfee LiveSafe™ service
  • 1st Place: 1 winner will receive a Dell Venue™ 8 Tablet and a 1-year subscription to McAfee LiveSafe
  •  2nd Places: Ten (10) winners will receive a 1-year subscription to McAfee LiveSafe service


Have fun and stay safe this holiday!

*Sweepstakes open to US residents only. NO PURCHASE NECESSARY. Sweepstakes is from November 4 – December 12, 2014. See for full terms and conditions.


RobertSicilianoRobert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.




The post Spread the Joy with the Season of Sharing Sweepstakes appeared first on McAfee Blogs.