Security vendors warn of Christmas e-crime spike

The IT security vendor community came out in force today to warn consumers and corporate web surfers that internet criminals are likely to double their efforts over the Christmas season to infect machines and steal sensitive data.

Content security firm Websense released a five-point plan to help users avoid scams, which includes taking steps to ensure that all systems are protected with the most recent patches.

Users should also be wary of e-cards which could include links to malicious sites, as well as special offers which could be used to tempt users into disclosing credit card details, said the firm.

Attachments and video content are also likely to be exploited this festive period as a way of infecting machines with malware by stealth, said Websense.

Network security vendor Trend Micro, meanwhile, warned of another popular e-crime tactic at Christmas. Fraudsters may send messages purporting to be from popular courier companies, with an attachment which they claim is an invoice but which actually contains malware.

A similar tactic is to send consumers an email telling them to open and print a receipt, which also turns out to be malware. The regular shopper may be fooled into doing this because they are expecting such an email from their e-commerce provider, and others may click out of curiosity, said Trend.

Finally, IBM's X-Force security research team warned firms to be doubly cautious about allowing unauthorised USB devices to connect to the corporate network.

"Every Christmas brings an abundance of electronic gadgets, smartphones and auto-play DVDs," the firm said. "Past X-Force research has shown that some of these toys are loaded with malware and can be used by cyber criminals as a backdoor into corporate networks."