The Black Friday weekend is a chaotic time for shoppers as they hunt down deals in-store and online. Consumers are set to spend in record numbers this holiday season, with one study predicting that sales could hit $207 billion in the US alone.
But as experts warn every year, the dash for bargains leaves people vulnerable to scams and other cyberattacks.
Take a look at our blog to find out how you might fall victim and what you can do to protect yourself.
Beware of scams
Cybercriminals feast on people’s curiosity and confusion, so it’s no surprise that they up their games over Thanksgiving. You can expect a barrage of bogus banner advertising and social media posts containing deals that seem too be to be true – and for the most part, they will be.
Meanwhile, you should be most concerned about phishing emails. These are scam messages that claim to be from a legitimate organisation and are intended to trick the recipient into handing over their sensitive details or downloading malware.
One of the most common phishing scams during the holiday season are fraudulent order confirmation emails from Amazon or other online retailers.
Picture the scene: you’re just finished browsing for deals online when you check your emails. You have half a dozen messages confirming your purchase, and you flick through them. But there seems to be a mistake with one: you swear you didn’t buy anything that fits the description.
The email doesn’t say what the purchase was for, but it does include a link where you can view your order details.
If this happens to you, do not follow that link. There is a good chance that it is a phishing scam, and the link will direct you to a bogus site that looks like Amazon’s login page but is controlled by criminal hackers.
You should instead navigate to the website using your browser and check your order history from there. If you have been charged for the item, it will display here. If not, you know the message is a scam and can delete it.
Other top tips
Here are some additional things you can do to protect yourself when shopping online over the holiday season:
- Remain vigilant and think about what you’re seeing. If an offer seems ‘unbelievable’, it probably is. If you receive emails from an unknown source with enticing subject lines, think before you open them. And never disclose your personal information.
- Use credit cards. Credit card companies often offer better fraud protection than debit card providers, and many don’t hold the cardholder liable for fraudulent purchases. Alternatively, consider using PayPal, which offers a dispute resolution service. If you’re buying in store, making cash purchases means your data won’t be processed on the shop’s POS (point-of-sale) system.
- Use secure websites. When buying online, only visit and transact on secure sites. These are easily identified by the padlock symbol next to the URL, and/or the https at the start of the URL (rather than just http). These two signs are indications that the site is safe to use.
- Monitor your financial statements. Even if you have taken the above steps, take the time to monitor your bank accounts. If there has been any fraudulent activity, you’ll want to flag it with your payment provider so that cards can be frozen and an investigation started.
Want to know more?
You can learn more about online scams with our Phishing Staff Awareness E-Learning Course.
This online course explains everything you need to know about scams, from phony text messages and emails to telephone con artists.
Your staff will learn about specific cons, the consequences of a successful attack, and how to identify a bogus message before it’s too late.
A version of this blog was originally published on 21 November 2018.