Veracode released a new infographic, “Identity Theft: Staying Safe in an Online World,” that provides practical tips for keeping personal information safe when shopping online this holiday season. Black Friday and Cyber Monday are just days away, and many consumers will fall prey to countless schemes from hackers and spammers trying to gain access to Personally Identifiable Information (PII).


Click on the image for a the complete infographic
The theft of PII, such as PIN, bank account and social security numbers, is the first step in online crimes such as identity theft, credit card fraud and banking fraud. With identity theft becoming more prevalent, it should come as no surprise that there were more than 4,500 new types of attacks via the Internet each day in 2011, costing consumers and businesses a total of $1.52 billion.

Every day, hackers become more sophisticated and effective in their attacks, taking advantage of poorly coded Web application software to introduce malicious code into networks. One of the most common attacks, SQL injection, exists when a Web application fails to properly filter or validate the data a user might enter on a Web page – such as when ordering something online – and lets unauthorized third parties such as hackers gain direct access to confidential back-end data.

“Nearly 80 percent of online sales occur in the weeks between Black Friday and Christmas, making this upcoming week one of the busiest of the year for hackers and spammers,” said Chris Eng, vice president of research, Veracode. “The knowledge that nearly one in 25 Americans had their identity stolen last year isn’t going to make people stop shopping online, but we want to help them shop securely.”

Consumers can protect themselves against the possibility of identity theft by:

Creating strong passwords. Passwords should be longer than eight characters, include letters, punctuation, symbols and numbers, and should be changed every three months. Additionally, users should not use the same password for every site or online account.

Investing in security. Get an up-to-date virus checker and good security software. Firewalls and active malware protection provide an extra level of defense against cyber-attacks.

Avoid Feeding the Phish. Pay extra close attention to emails that you don’t recognize or seem strange. Never click on a link from someone you don’t know or with a suspicious looking website address. When in doubt, stay away!