Unfortunately… so are cyber-criminals. With online attacks becoming more sophisticated – shoppers need to be extra careful when hunting the latest deals online. Follow our top tips to stay safe and stop cyber-criminals cashing in on the annual sales rush this Black Friday and Cyber Monday.
Not all sites are as legitimate as they appear to be as cyber-criminals often spoof websites making them look like the real deal. Keep an eye out for spelling/grammatical errors that you wouldn’t expect from an official retailer (e.g. Amazoon instead of Amazon) and if you’re in doubt, go directly to the company’s website to verify the offer. Additionally, beware of ads/pop-ups encouraging you to click on links. Although the offers may seem enticing with rock bottom prices, if it looks too good to be true…it probably is!
For mobile phone applications, make sure they are downloaded directly from the Apple App Store or Google Play Store and make sure you never click on a link to download an app from an unknown source.
We know being asked to click on all the squares which contain a traffic light when you’re trying to check out can be frustrating, but these CAPTCHA challenges are used to prove you are human and not a bot who is accessing the website maliciously. Additional security measures mean your data is safer than if you were inputting it into a website without.
By using public Wi-Fi networks to make purchases online, you could potentially be getting more than you bargained for. Public Wi-Fi requires no authentication to establish a network connection – what this means is cyber-criminals are granted direct access to any unsecured devices on the open network, enabling hackers to potentially steal login passwords, financial details and other sensitive information.
Speaking of passwords… when was the last time you changed yours? Well, there’s no time like the present! If you’re using the same password for your online accounts (or passwords that can be easily guessed), then you’re at risk. Often hackers steal your password from one account and use it to access others. For your really important accounts (email/social media and payment accounts) we recommend using long and strong passwords that you don’t use anywhere else.
You can further protect accounts by enabling multi-factor authentication, sometimes known as “2FA”. By enabling this feature, even if your passwords are compromised and guessed, there’s an additional security layer which usually asks for a one-time code that’s sent to your phone before you can gain access to your accounts.
You should only fill in the mandatory details on a website when making a purchase. These are usually marked with an asterisk (*) and typically include delivery addresses and payment details. Legitimate websites shouldn’t ask you to provide additional security details to complete your purchase – think the name of your first pet or your first car – typical security questions asked when creating accounts online. Don’t be fooled into providing these details for hackers to gain access to your other accounts.
Where possible, unless you’re planning on becoming a regular shopper with the company you’re buying from, don’t create an account when making your payment. Most online stores offer the option to check-out as a guest, or to pay using an online payment platform (such as PayPal) this ensures your payment details aren’t stored and can’t be accessed if your account is compromised.
As Black Friday and Cyber Monday approaches, inboxes all around the world see a massive increase in phishing attempts. Phishing remains one the most simple and effective ways to steal your personal data. If any emails you receive offer last-minute deals or prizes – don’t take the bait! These emails are designed to reel unsuspecting shoppers in and imitate well known retailers. Always remember, if in doubt – throw it out!
Not only are Infuse great at giving you the best tips to become safe savvy-shoppers, but we also offer great security services for businesses…we cover everything from strategy to security audits, so you can be assured that your organisation is in safe hands with us.
Get in touch with one of our advisors today by emailing [email protected] to get started!
Information taken from NCSC,2020