E-shopping: here is the Cisco Talos decalogue


Time for Christmas gifts, time for hackers, and time for the Cisco Talos decalogue: a guide to help consumers.

According to recent research conducted by Adobe (“Holiday Shopping Forecast”), spending on e-commerce this year will exceed 200 billion, both because shopping online is convenient and fast and because it is considered safer in light of a dreaded fourth wave of infections. The favorite season is therefore approaching for cybercriminals, who are particularly adept at inducing users to download malware and enter their credit card details.

So here are 10 tips straight from Cisco Talos, the world’s largest privately held cyber threat intelligence organization. A real decalogue that is worth following if we want to protect ourselves from these risks.


1. Pay close attention to sites on the .top, .stream, .trade, and .bid top-level domains.

2. Only download applications from official app stores such as the Google Play Store and the iOS App Store.

3. Beware of apps that ask for suspicious permissions, such as access to text messages, contacts, stored passwords, and administrative features.

4. Some malicious apps will look very similar to the one you are looking for. Here are some red flags: misspellings and grammar errors in app descriptions and interfaces, lack of high-quality performance, or a developer contact using a free email service.

5. Do not click on unsolicited emails.

6. Always make sure you actually subscribed to the promotional emails you receive during this period.

7. Whenever possible, prefer payment services such as Google Pay, Samsung Pay and Apple Pay. These services use a token instead of your credit card number, making the transaction more secure.

8. Choose strong and different passwords for each site. Cybercriminals reuse passwords to compromise multiple accounts with the same username. You can also use a password manager.

9. Manually type the URLs of the sites you want to visit rather than clicking directly on a link.

10. Use multi-factor authentication to prevent unauthorized access.