Cybercriminals are aware that online shoppers may let their guard down during the rush on Black Friday because it offers opportunities to score discounted deals.
|Black Friday online shopping Hackers|
As consumers hunt for gifts and deals in advance of the holiday season, we are about to enter the busiest time of the year for internet shopping.
And now Black Friday and Cyber Monday, the days bookending Thanksgiving weekend where stores offer significant discounts and bargains, have intensified what was already a bustling time for shopping. Black Friday was once a US tradition, but it is now celebrated by shops all around the world.
While Black Friday might provide opportunities for consumers to purchase items at significant prices, it also serves as a key target for scammers, fraudsters, and cybercriminals due to its popularity and the rush to snag deals.
Because they are opportunists, cybercriminals will always take advantage of significant events to launch campaigns. When customers are actively seeking to give their credit card numbers and other personal information to online businesses, this is the ideal chance to attack.
The UK's National Cyber Security Centre (NCSC) reports that during the holiday shopping season last year, victims of online shopping scams lost an average of £1,000 ($1,176) per, and that number is rising.
In some of these schemes, thieves just steal money. Others have observed con artists sending customers subpar imitation goods. Additionally, there's a chance that phishing websites may steal your username and password, and there's even a chance that malware will be installed on your computer by hackers.
Here are some tips on how to improve your cybersecurity in the face of all these external threats when shopping on Black Friday.
Be wary of unforeseen emails promising Black Friday deals:
When many of us hunt for Black Friday deals, we often have a specific item in mind, like a new laptop or gaming system. It's also possible that many of us will hunt for discounts from reputable stores like Amazon, Walmart, or BestBuy.
However, many online merchants will also send out marketing emails to generate interest in Black Friday, encouraging recipients to click through for deals. Cybercriminals send out phony versions of these emails since they are aware of this.
According to Mike McLellan, director of intelligence at the Secureworks Counter Threat Unit, "people are looking at their inboxes searching out for offers, looking for links they can click to receive discounts - so it simply creates a very ripe environment for crooks attempting to social engineer individuals."
These emails may link consumers to websites that provide bogus goods or offer nothing at all, with the fraudsters simply pocketing the money.
If the bogus website is based on a well-known retailer, there's also a chance that the attackers would ask victims to log into their accounts using a phishing page in order to steal their login, password, and any other personal information related to the account.
Be wary if you receive an email offering Black Friday deals, especially if it purports to be from a store you don't recall joining their mailing list for. To eliminate the risk of viewing a fake or dangerous website, go directly to the merchant rather than following the link.
If you've never heard of the retailer, proceed with caution and do your homework.
The online-shopping market is a massive one, and while many well-known, large businesses provide online shopping options, there are also many independent stores and individual sellers who have the chance to sell their goods to a wide audience in the lead-up to the holidays.
Many of these smaller retailers will be completely legitimate and give people the chance to purchase goods, possibly even at a lower cost than what big-box stores are charging. However, con artists take advantage of people's desire for deals by sending them to storefronts of online merchants that may or may not actually stock any goods.
Shoppers may be led to these bogus stores by phishing links, con artists manipulating search engine results, or links on social media accounts that have been taken over. If you haven't heard of a merchant before, do some research to make sure that it is a legitimate and reliable website. Pay close attention to any reviews that may have been written, as they may indicate problems.
Additionally, it would be a good idea to stick with a store that you are familiar with and trust when buying an expensive item like a smartphone or tablet.
"I advise consumers to exercise caution when choosing their vendors. Our statistics reveal that the majority of scams last year featured electronics and mobile devices, so always shop at authorized stores and avoid being lured in by offers that appear too good to be true "Pauline Smith, the director of Action Fraud, advises.
In your haste to find a deal, you might not look up at the browser address bar, but if you do, you might just prevent identity theft.
Any private information transferred to the site, such as passwords or bank data, is secret and kept secure if you can see a small padlock icon to the left of the URL, which indicates that the site is secured by HTTPS. Although occasionally online criminals may secure an HTTPS padlock in an effort to deceive people, this often indicates that the website is secure and safe to access.
The NCSC advises online consumers to use a credit card whenever possible rather than a debit card when making payments online since using a credit card offers more protections since many credit card companies are required to return money if you become a victim of fraud.
Using a credit card that isn't linked to your primary bank account might also be beneficial because it will protect your primary bank account if your credit card information is taken.
Using services like PayPal, Google, or Apple Pay can also assist prevent identity theft by protecting your bank information.
Watch out for "missing delivery" notifications.
Cybercriminals don't simply target people during the purchasing process; with more people turning to online shopping, consumers are relying more than ever on delivery services, and attackers are aware of this.
Because of this, scammers are disseminating numerous communications under the guise of delivery firms including DHL, UPS, Royal Mail, Evri, and many more.
These messages, which come in the form of emails or SMS messages, say that you either missed a delivery because you were away or that there was a problem with the postage fees and you must pay a fine.
The victim, who is receiving the message as part of a large phishing attempt, won't know if they have purchased anything from that company's delivery service or not. However, due to the massive volume of deliveries made during Black Friday and the holiday shopping season, customers may expect packages and be duped into clicking on the links.
What they discover are websites that might be nearly exact replicas of legitimate delivery services, and they almost certainly solicit visitors to input their passwords or bank information, which are subsequently stolen and used to perform other cybercrimes.
Therefore, it's advised to avoid clicking on "missing delivery" links in order to be safe, especially in text messages from unknown numbers.
"I would simply disregard any text messages or emails that you receive from somebody you don't know. Do not click on incoming text messages or WhatsApp messages "According to Rachel Jones, CEO of the online brand protection company SnapDragon Monitoring.
It's also important to keep in mind that many delivery services won't request additional money, especially over text. And if you have placed an order, you most certainly received an official tracking link when you did so; if you are awaiting delivery, you can use that link to monitor the order's status.
Use multi-factor authentication and a strong password to secure your accounts.
Cybercriminals frequently target people's wallets during Black Friday scams, but it's crucial to keep in mind that there is money to be earned from other types of account information as well, such as usernames and passwords.
Phishing emails are frequently sent by online criminals posing as service providers and shops like Apple, Amazon, Microsoft, and Google with the goal of obtaining login information.
These emails may occasionally claim that there is a problem with your account, a purchase has been made, or that you are entitled to a prize or a refund. The attackers' goal, regardless of the bait they employ, is to get your username and password on a phishing website, which they can then use to access your account.
Then again, if your account is protected by a well-known or weak password, an attacker may not even need to send you a phishing email to get access to it. Instead, they may be able to simply conduct a brute force attack to get in.
The attackers could use this information to steal your data and carry out fraud in your name, or they could sell it on dark web forums.
Because of this, it's crucial to protect all of your accounts, including email, online shopping, online banking, and even social networking, with a strong, distinctive password and multi-factor authentication (MFA).
Using MFA adds another layer of protection against assaults while also alerting you to potentially unusual activities, especially if you do a lot of online shopping. A strong password can help prevent hackers from breaking into your account.
According to Lindy Cameron, CEO of the NCSC, "unfortunately, we know that criminals will try to exploit consumers around this time of year, which is why robust cybersecurity has such a vital role to play."
And if a password is found to have been stolen, it needs to be reset right away.
Also, keep in mind that if something seems too good to be true, it probably is.
It may be simple to be duped by steep reductions when looking for Black Friday bargains, especially for popular items.
Therefore, it's important to keep in mind that if a deal seems too good to be true, there's a good chance that it probably is when shopping for Black Friday deals or at any other time of the year. Additionally, it might be preferable for you to be safe than sorry.