There’s no doubt that the year 2020 has changed consumer behaviour. With COVID-19 restrictions, how, when, and where people shop has changed. This holiday season is perhaps the most digital-first shopping experience with COVID-19 limiting in-person shopping experiences. According to a survey on U.S. consumer behaviour, 75% of surveyed U.S. shoppers said they will shop online more for the holidays.
As we head into Black Friday and Cyber Monday, the number of consumers shopping online is on the rise providing cybercriminals with more opportunities to attack. According to findings from McAfee’s 2020 Holiday Season: State of Today’s Digital e-Shopper report, online cybercrime continues to increase, with McAfee Labs observing 419 threats per minute in Q2 2020, an increase of almost 12% over the previous quarter. In the same report, McAfee also noted that less than half of the people surveyed indicated that they check to see if the Black Friday and Cyber Monday deals they receive electronically are authentic.
Shopping online and trying to avoid cyberattacks can be a minefield. Knowing how to spot cyber threats is the first step to prevent a cyberattack. To help you prepare for your online holiday shopping, we’ve prepared a guide to help you recognize common attacks and avoid them.
Common Cyberattacks You’ll Likely Encounter While Shopping Online
- Phishing: One of the most common and easily deployable cyberattacks are phishing scams. Phishing scams often come in the form of email or text and are disguised as coming from a credible source such as your bank, someone you know, or even the company you work for. The goal of phishing scams is to attract users with bait such as a giveaway, or even fear tactics such as owing someone money in fear of punishment. Phishing scams manipulate users into revealing personal and sensitive information such as your name, address, and credit card information.
- Copycat Websites: Another common tactic that cybercriminals use are copycat websites. These fake sites are designed to look like credible retailers and manipulate users into providing their personal and sensitive information and making false purchases.
- Malware: Like Phishing scams, malware presents itself in many forms. It is software that is designed to interfere with, damage, or gain unauthorized access to a computer system. If your device is infected, it can cause freezing and crashing, poor performance, unwanted pop-ups, and toolbars, and even send out unwanted emails.
Cybersecurity Practices to Help You Avoid Common Cyberattacks
The most important way to avoid a phishing scam is to learn how to recognize one. Here are seven red flags to look out for:
- Urgent or threatening language
- Requests for sensitive information
- Anything too good to be true
- Unexpected emails
- Information mismatches
- Suspicious attachments
- Unprofessional design
Cybercriminals may disguise a fake website as a credible retailer or organization. Take the following proactive steps to avoid a scam:
- Always check if a website is secure by inspecting the URL (you can tell if you see “HTTPS” in the URL and a lock icon in some browsers)
- Verify that the merchant website you are visiting is authentic by reading off-site reviews
- Inspect retailer’s websites to determine if there are multiple versions of the site and which is the real one by looking at the pages and URL’s
- Look out for contact information such as a physical location or customer service support
You can protect your devices from malware by:
- Installing and using trustworthy anti-virus software
- Avoiding suspicious links and email attachments
- Only downloading from trusted sources
- Using a VPN on unsecured networks like public Wi-Fi
Best Practices for Online Shopping
When online shopping, it’s important to know how to protect yourself and your information from hackers. The following are some general best practices to reference for online purchases:
- Use a credit card: Most credit cards have more consumer protections than a debit card directly linked to your bank account. You may also want to consider using third-party, secure payment solutions if you do not fully trust the retailer.
- Limit how much information you disclose: In most online checkouts, the merchant will ask you for your personal information such as your name, phone number, and address. In many cases, not all the information asked for is required to make the purchase. If you are wary of the merchant knowing your private information, it may be best to consider a different retailer or limit the amount of information you disclose.
- Monitor your financial statements: If you notice a purchase charged to your credit card that you did not make, it could be possible that your card was compromised. Always check your receipts and statements and notify your bank of any suspicious activity.
- Establish and use a secure Wi-Fi connection: When accessing websites where you enter your personal and payment information, it’s important to ensure your network connection is secure. Unsecured networks can leave you vulnerable to prying eyes that can steal your information.
For more expert advice and tips to help you stay cyber safe, check out our IT Service Blogs under the AlphaKOR Academy. The following resources also serve as helpful guides to staying cyber safe this holiday season:
- National Cybersecurity Alliance: Tips for Safe Online Holiday Shopping
- National Cybersecurity Alliance: Online Safety Basics for Online Shopping
- Government of Canada’s Get Cyber Safe: The 7 Red Flags of Phishing
- Government of Canada’s Get Cyber Safe: Is Your Network Holiday-Ready?
Remember, think before you click!