In normal years, the popularity of online shopping leads to an increase in cyber scams. This year, e-commerce is expected to surge even more than usual on Black Friday, Small Business Saturday, and Cyber Monday—with an accompanying increase in phishing attempts, too.
Cybersecurity experts have already identified an increase in spam emails containing common phrases like “cheap offer” and “holiday sale.” Some emails advertise specific products with recognizable brand names at major markdowns, while some claim to include coupons for popular retailers like Amazon or Wal-Mart.
The goals of phishing campaigns like these vary. Some try to convince unsuspecting users to enter credit card information on a page, while some try to install ransomware or malware on a device by encouraging a click on an illicit link or a download of an infected attachment. Others attempt to steal passwords that can be used to hack into a user’s other accounts.
No matter what, these emails are dangerous—and thanks to the ongoing COVID-19 pandemic, this year could be worse than ever. So how can you shop online and still stay safe this holiday season? The first step is to be aware. Whether you’re making purchases online, browsing for the best deals, or shipping gifts to family members, it’s important to know how to spot the most common online threats. Fake websites, bogus apps, and illicit emails abound. If you start your holiday shopping process aware of that fact—and use a password-protected Wi-Fi network— you’ll be ready to put the following tips into action.
1) If it seems too good to be true, it probably is.
If you’re seeing phrases like “90% off” or “buy one get one free” in emails, then proceed with caution. Steep markdowns like that are rare, especially when an increase in shoppers allows retailers to keep prices steady. Hackers gamble on the fact that human beings will click on far-fetched ads just to see if they’re real—don’t take their bait.
2) Look for errors and inconsistencies.
Get in the habit of looking closely at sender email addresses, subject lines, and greetings. Many times you’ll see misspellings, unusual characters, or awkward language in these prominent parts of emails and ads—and once you get used to looking for them, you’ll be able to spot scams from a mile away.
3) Only shop on secure websites.
Check any website’s URL to make sure it contains “https” at the beginning of the address—not just “http.” The extra “s” indicates that the website has an updated security certificate and is safe for shoppers. Browsers like Chrome, Firefox, Edge, and Safari will usually display a padlock icon in the top corner of an address bar signaling if a site is secure. If the icon is broken, red, or missing, trust your browser and don’t proceed!
4) Review links for accuracy before you click on them.
Every user should confirm that hyperlinks embedded in emails, on social media, and in online advertisements actually point to their stated location—not to illicit sites that can install dangerous malware on your machine or try to steal your information. Hovering over a link will display the URL it points to; beware of long strings of nonsensical characters or letters and numbers. Alternatively, you can type a URL directly into your browser instead of just clicking on a link for an extra layer of security.
5) Use a credit card, not a debit card, for online purchases.
Shopping online with a credit card can limit personal liability in case any improprieties arise. (Banks will allow you to dispute a credit card charge much more easily than a debit card charge.) You can safely and securely use apps like Google Pay, Apple Pay, or PayPal too, since they offer extra protection for online consumers.
6) Don’t give out personal information.
If a website asks for your birthday, bank account information, Social Security number, or other personally identifiable details, consider that a red flag. Also, beware of any site that asks you to re-enter a password before checkout. If you can, create unique passwords for each site you use to prevent the compromise of one login credential from affecting any others.
7) DO NOT download attachments from unknown senders.
Spammers will often send fake emails that look like they’re shipping updates from UPS, USPS, FedEx, DHL, and other popular carriers. The same goes for fake gift card messages, which often ask you to confirm an attached statement of a balance. DO NOT click on, open, or download ANY attachments from ANY sender you don’t recognize and aren’t expecting something from.
CMIT Solutions takes a 24/7/365 approach to online protection, working around the clock to keep businesses, devices, and data safe. We recognize that Black Friday, Small Business Saturday, and Cyber Monday present unique challenges to cybersecurity.
We go above and beyond the call of duty to protect users, systems, and information—today, tomorrow, this weekend, and all year long. Want to secure your data and shop safely this year? Want to stay informed on online shopping scams so you can avoid unnecessary stress this holiday season? Contact CMIT Solutions today.