Top 5 Cyber Security Tips For Black Friday and Cyber Monday
The countdown to Black Friday and Cyber Monday has begun. No doubt your work and private email accounts are already filling up with emails reminding you about upcoming sales and pre-sale announcements on everything from apps to plugins and from TVs to shoes.
According to a recent AIB forecast, throughout Black Friday, consumers in Ireland are expected to spend over €25,000 a minute!
At this time of year, it is not just online stores that are gearing up to benefit from the sales. Black Friday and Cyber Monday are also lucrative opportunities for cyber criminals. As caution sometimes goes to the wayside for online shoppers and the usual due diligence, when clicking links to sales and websites, is forgotten.
To ensure your personal and work networks and applications don’t succumb to the mercy of cyber criminals, we have put together our top 5 cyber safety tips for shopping securely throughout Black Friday and Cyber Monday.
1. Phishing Emails`
Phishing emails are one of the most popular social engineering attacks as it’s convenient and it works.
A recent report by IBM, has shown that 33% of cyber incidents in 2021 began with a phishing email.
Cyber criminals have the capability to send out the same phishing email to thousands of work and personal email accounts at any one time, increasing the likelihood of a potential victim falling for the attack.
Black Friday and Cyber Monday typically sees a rise in phishing attacks, with malicious emails offering cash prizes or last minute deals designed to trick unsuspecting consumers.
Phishing emails may appear to come from a well-known brand, even one you’ve previously purchased from, but like with websites, all may not be as it seems. Before clicking a link in an email you should always verify the URL you are being redirected to is legitimate. In addition, check the email address of the sender and keep an eye out for any low resolution images or grammatical errors within the body of the email.
The total number of financial phishing attacks disguised as e-payment systems increased by 208% in October compared to the same period in September 2021.
2. Only shop on legitimate websites
Cyber criminals can clone well known websites to trick consumers into believing they are shopping on a legitimate website. A fake website can appear identical to the real site, particularly at a glance, however, there will be subtle differences present.
Key indications of an illegitimate website:
- Pixelated images
- Broken website functionality
- Misspellings within content
Another key indicator is the website’s address. Ensure the website address is spelled correctly and the domain extension is correct. The legitimate website domain extension may end with ‘.ie’ but the cyber criminals could have created the cloned website on another extension such as ‘.com’ or ‘.org’.
Before entering any personal or company information into a website, you should ensure the site is safe and secure. To confirm a website is secure the first thing you should do is look for a padlock symbol in the address bar, and ensure the URL begins with ‘https://’, the ‘S’ indicates that this website has been encrypted with an SSL certificate. Entering information on a website without HTTPS could be intercepted by criminals.
Unfortunately, this system isn’t foolproof. So, before you purchase on any website, it is worth double checking the URL is correct and submitting it into a website safety check tool such as Google Safe Browsing or do a WHOIS lookup to see who owns the website. This quick sanity check may save you a lot of trouble.
3. Use Credit or Pre-Paid Debit cards where possible
It is always best to use a credit card when shopping online where possible. Credit Cards offer additional protection in comparison to other forms of payment, most major credit card companies such as Mastercard and VISA provide “zero liability” policies which make it easy to claim money back if you are the victim of cyber fraud.
If you don’t have a Credit Card, another alternative is to purchase a Pre-Paid Debit card. These cards allow you to upload a certain amount of money ahead of shopping which you can then spend. These provide you a safeguard as they allow you to segregate your actual bank debit card and card details with online shopping. If a cyber criminal gains access to your debit card details, they can take money from your account which can be hard to claim back as it can be very difficult to prove.
4. Avoid Public Wi-Fi
When shopping online, it is always best to use a secure internet connection such as your mobile phone’s data or a private Wi-Fi connection like your home internet.
Where possible public Wi-Fi should be avoided when conducting financial transactions or accessing private information. The majority of public Wi-Fi requires no authentication to establish a connection and begin browsing. This can provide cyber criminals with some easy pickings as they can gain direct access to any unsecured devices connected to the same open network as them. Once they have gained access they can steal valuable information such as login passwords, card or other financial and personal information.
Cyber criminals can also spread malware across public Wi-Fi which could provide them with unrestricted access to everything on your device.
5. Update / Install Security Software
Before you take advantage of the Black Friday and Cyber Monday deals, you should check that your antivirus and security software is up-to-date.
Security software suppliers continuously release updates to patch any vulnerabilities which may have been uncovered. Having the most up-to-date antivirus, latest version of web browser installed, and Operating Systems patches installed, such as the latest Windows updates will limit hackers exploiting known security vulnerabilities in outdated versions.
If you don’t have any antivirus or patches and updates installed on your computer, you should make this your first Black Friday purchase.
Although cyberattacks and data breaches are on the rise, it is still possible to safely shop online. Nobody should be afraid to do so, you just need to stay vigilant and proactive while shopping online. Above all, you need to be realistic. If you come across a deal that seems too good to be true, then it may be best to err on the side of caution.
We hope these tips provide you with some useful guidance and information ahead of your shopping.
Concerned about the security of your organisation
Secora Consulting provides a range of services that can help you to assess the security of your organisation.
Our baseline assessments focus on quickly bringing your systems in line with best practices by identifying missing patches and known issues in your systems.
If you are interested in a more in-depth assessment of your infrastructure, ask us about our penetration test services, where we will identify and exploit vulnerabilities in your network, showing just how far an attacker could get.
Get in touch today and discuss your options.
All of Secora Consulting's assessments are tailored to our client's needs.
Using our experience, we can help you determine which services are right for you.
We have arranged our services into four groups based on the objective of the tests.