How to Keep your Online Shopping Experience Secure this Black Friday & Holiday Season
As the festive season draws near, consumers aren’t the only ones looking to take advantage of Black Friday and Cyber Monday online deals, spam attacks are starting to also ramp up.
A recent report by Adobe Insight “Holiday Shopping Forecast” predicts that spending for e-commerce will top R3 trillion during the holiday season for the first time ever.
The pandemic is also inspiring new cyber scams, especially with popular video game consoles and other electronic products in short supply, thus consumers always need to be diligent.
Attackers will resort to all tactics to trick users into downloading malware or handing over credit card data compromising their machine. No topic is off-limits, and threat actors have resorted to using everything from PlayStation 5 sales, to COVID-19 cures and news on nuclear weapons as part of their lures over the past year.
News is likely to move quickly around online shopping scams, security breaches and cyber-attacks starting the week of Black Friday.
Conrad Steyn, Chief Technology Officer at Cisco South Africa shares important tips for avoiding holiday shopping scams:
- Do not to use public or free Wi-Fi services when making online purchases, as these are normally unsecured and open to cyber criminals.
- Only download apps from trusted and official app stores like the Google Play store and iOS App Store.
- Look out for apps that ask for suspicious permissions, such as access to your text messages, contacts, stored passwords and administrative features.
- Some malicious apps will try to masquerade as a legitimate version of the one you could be searching for. Signs of these apps include poor spelling and grammar in app descriptions and interfaces, lack of high-quality performance and a developer contact that uses a free email service (such as @gmail.com).
- Avoid clicking on unsolicited emails. Make sure you purposefully subscribed to any marketing emails you receive from retailers before opening it and, even when you are sure you signed up, make sure your emails system has security measures in place before clicking on random links.
- Use an ad blocker locally on your browser. These will often block any malvertising campaigns that aim to capitalise on shoppers looking for deals.
- Try to use payment services such as Google Pay, Samsung Pay and Apple Pay. These services use tokenisation instead of the “Primary Account Number” (your credit card number), making your transaction more secure.
- Use complex passwords that are unique, per site. Attackers commonly reuse passwords to compromise multiple accounts with the same username. Use a password locker if you have a hard time creating and remembering secure passwords.
- Manually type in URLs to sites you want to visit rather than clicking on links, ensure web sites are secure (HTTPS) and have a valid security certificates.
- Use multi-factor authentication, such as Cisco Duo, to log into your email account to avoid unauthorised access.