Cyber attacks peak during holiday and sales seasons. To make a profit, cybercriminals hunt for your personal information by sending out spoofed emails, exploiting domains, infecting your devices with malware or lurking you into giving away your sensitive information (like passwords, bank account details, etc.).
Black Friday and Cyber Monday – busy days for hackers
Firstly, annual sales happen around the same time every year – tons of time to plan creative scams. Just enough to be a step ahead and make them seem really realistic.
Secondly, online shopping has been booming globally. At least 8 in 10 Americans shop online. Moreover, Black Friday sales break e-commerce records every year. In 2017 US retailers reported they had sold a record-high of $5.03 billion through their online platforms.
And we know that people like to click on things. Around 30% of people click on malicious links and thus make it easier for snoopers lurking behind such links.
Finally, tempted by really great deals, shoppers are more prepared to pull their wallets out, rather than thinking about their security. Despite cybersecurity experts warning them every year to be careful.
Secure your Black Friday shopping
Here’s how not to become another victim of a Black Friday data breach.
Credit over debit
Credit cards usually have better protection than debit cards. If malicious agents get hold of your credit account number, any abnormal activity will be flagged as suspicious. Here you can learn more about how to secure your payments and cards.
Also, if it’s possible, when shopping, check out as a ‘guest.’ Some of the online retailers offer shopping without having to register your account. This option is convenient if it’s a one-time purchase.
Visit only secure websites
Cybersquatting describes an act when criminals buy domains that are close copies of the genuine retailers to mimic them and profit from the trademark.
Usually, they send out emails saying they are, for instance, Amazon, asking a potential victim to ‘confirm’ their payment details; or offer a tempting deal by urging to press on the link which redirects to the fake website. It’s tough to spot because sometimes the only difference is one letter in the name – mazon.com instead of amazon.com, or Hufu, instead of Hulu, etc.
If you get an email with a fantastic deal from a provider that you know, make sure the email was sent by the company, not by some scammers. Don’t click any links in the email itself, instead, go to the original website and check the deal there. This is how you get a bargain, not a virus.
One click is enough for your device to be infected with malware. Before visiting any website, check if it’s HTTPS, not HTTP. Basically, if you see a gray padlock with a red line in it indicates that the website you’re trying to access is unsecured.
Even though your devices are packed with security software (like, if you’re using a VPN), it makes no sense if it’s not updated. Developers update software to fix bugs and thus make it more secure. Same goes to the operating system and every app that you use.
Monitor your bank account
Even if you’ve been extra careful. Not only during the sales periods but also afterward. Some fraudsters may wait until the sales period is over – when people are not as alert about their security anymore, and then start draining accounts.
Encrypt your data
When you encrypt your data, scammers can’t see what data you send or receive. We recommend using a VPN as it’s usually easy to set-up, and doesn’t drain your wallet.
Don’t shop on public WiFi
There are all kinds of threats lurking while you surf the net connected to unprotected networks. If you don’t have proper protection, avoid shopping online and especially entering your credentials.
Knowledge is power
The more you know, the harder for hackers it is to fool you. Also, if you’re alert, you won’t be sharing your data with anyone offering a discount. The deal looks too good to be true? Well, most probably it is. Be suspicious. All the time.
This is perhaps the most common and basic online security advice one can give. If you share your data online in all directions, no security software can help you. The worst part of this is that what you share online don’t disappear, it travels around for an unlimited amount of time, and you won’t have any control over it.
To put it simply, if a deal requires you to enter personal details, think twice if it’s really worth it.
Finally, if you see that you’re a victim of a scam, call for help. The faster you act, the higher the chances of minor damage (either it’s identity fraud or data breach).
Here’s what you should do:
– Report it to the police
– Report it to the bank
– If the cybercriminal presented itself as a genuine business, report it to the company that somebody is faking their services
– Never engage. Never. Don’t ever demonstrate to the attacker that your vulnerable and scared.