How can we stay safe during Black Friday shopping?
Many of us eagerly await the annual Black Friday offers to get a good deal on holiday presents (or gifts to self!). Unfortunately, Black Friday is also a great opportunity for cybercriminals looking to scam customers out of hard-earned money and valuable personal data.
The Black Friday weekend, which runs from Thanksgiving Thursday through to Cyber Monday, typically brings in billions of dollars’ worth of sales. For example, the National Retail Federation (NRF) predicts that the 2019 Black Friday holiday period will see an increase in sales of between 3.8 percent and 4.2 percent over the 2018 period.
Year-on-year sales increases also result in year-on-year increases in fraud. Black Friday offers the cybercriminal ample opportunity to commit fraud. Much of this uptick in cybercrime and sales can be attributed to the move to a more online channel preference for purchases. In 2018, a whooping 67% of purchases were made via a mobile channel, according to SalesForce. In addition, social media was widely used by consumers to check out products and promote purchases made.
As we enter the Black Friday and the wider holiday season, what kind of cybercrime should we watch out for and how can we protect ourselves and our customers against it?
Phishing is still the number one tactic used by cybercriminals to steal data, login credentials, and financial information.
►► Related Post: Phishing: 3 Methods to Protect Yourself from Cyber Fraud
In 2018, phishing emails and messaging app-based phishing were extensively used to con shoppers. WhatsApp, for example, was used by fraudsters to phish shoppers over the Black Friday period of 2018. This year, WhatsApp has added a new feature in the form of their Business WhatsApp, allowing companies to create a shopfront on the app. Fraudsters may well use this WhatsApp connection during Black Friday to create new phishing campaigns that look even more legitimate.
One of the reasons that phishing campaigns are so successful is because they use human behavior to enable the scam. Social engineering is a technique used in phishing to encourage users to carry out actions that result in stolen data and/or malware infections. Black Friday scams are keen advocates of social engineering.
Customers should check that a shopping site uses secure connections. A URL that begins with HTTPS is a good starting point.
Also, customers should check whether the URL makes sense. For example, if they are navigating to an Amazon.com site, they should check it really is Amazon.com and not a spoof URL, e.g. Amason.com or Anazon.com. Fraudsters often swap out one or two letters in a URL to trick users.
Of phishing and other social engineering scams. Shoppers should try to be aware of the typical phishing tricks used by fraudsters.
Some types of financial cards offer cover if money is lost in a fraudulent transaction.
Be careful using free Wi-Fi to make purchases. Wherever possible, use a secure Wi-Fi connection and/or a Virtual Private Network (VPN) to login to accounts and make online payments.
Fake shopping apps are being used to trick shoppers into handing over money for fake purchases.
Retailers also play a large part in ensuring their customers are safe from Black Friday shopping scams. These tips help your business to offer a robust and secure Black Friday shopping experience:
Black Friday and Cyber Monday are a great excuse to spend money on family and friends in readiness for the holiday season. Unfortunately, cybercriminals also see this season as an opportunity to defraud customers. By following robust security practices, the impact of cybercrime can be minimized, and Black Friday shopping can be enjoyed by all.
To learn more about effective security habits, download our infographic “Top 10 Security Tips”.