Cyber Monday – a day that retailers latched onto after noticing that folks going back to work the Monday following Thanksgiving were sneaking in their Christmas shopping online. Cyber Monday has not only become one of the busiest online shopping days of the year for retailers but a bonanza for cybercriminals targeting oblivious shoppers and because of Covid-19, may be the biggest one yet. In fact, the Cybersecurity and Infrastructure Security Agency (CISA) sent out an advisory last week cautioning shoppers of this year’s threats in particular.
Despite being concerned about the security risks behind online shopping, consumers lack knowledge about some of the biggest retail risks. According to RiskIQ researchers, 85% of shoppers are concerned about their personal information being compromised when shopping by computer and 88% through a mobile app. Even so, it’s estimated that 75% of people will spend the same or more in online shopping compared to last year, before the pandemic. In all the frenzy, how do you avoid becoming a victim?
The Takeaway – 3 Tips
There are a lot of tips, tricks and articles on how to be a smart shopper. Let me condense them down for you with just 3 tips you can use today during your online shopping spree:
1. Buy only from trusted websites and sellers
I know this is obvious but the most reported fraud to FBI’s Internet Crime and Complaint Center is for order non-delivery. This means that a too-good-to-be-true deal came up on a legitimate looking, yet shady website and scammers just took the money and ran. They not only take money but often credit card number and personal information, then sell it on the Dark Web or use it for identity theft.
Buy online only from trusted sellers with logistics in place to deliver your goods. The top retailers (in no particular order) are Costco.com, BestBuy.com, SamsClub.com, Walmart.com, HomeDepot.com, Walmart.com, OldNavy.com, Macy.com and Target.com.
I personally believe that if it’s not on Amazon, it’s not worth buying. I’m sure there are exceptions, but it applies to most purchases. To add to that, if it’s both shipped and sold by Amazon, even better. At the very least, if it is sold by a 3rd party seller, make sure that it’s at least shipped by Amazon. For eBay purchases, be sure to research the seller and their rating. If you’re on the fence don’t buy it!
2. Careful of suspicious shopping apps
RiskIQ researchers found that 72% of respondents said they would download a shopping-related app if it offered a steep discount. In addition, 58% said they do not check who the developer is before downloading an app.
Why is this a problem? Because it leaves an easy way for hackers to siphon all the data off your phone! All they need to do is offer a discount to lure you in. Avoid downloading apps with ambiguous origins – such as ones not from official app stores like Google Play or the Apple App Store. Also check that an app developer or website has a good reputation – your private data is at stake here.
3. Keep an eye out for those clever sites & emails
Keep an eye out for fake sites spoofing reputable businesses, unsolicited emails purporting to be from charities, and unencrypted financial transactions. Experts anticipate holiday shopping during the 2020 Black Friday and Cyber Monday season to be largely carried out online. According to the RiskIQ study, health concerns related to the pandemic, and convenience were the top 2 reasons. 70% plan to shop primarily with a mobile phone and you can expect scams and phishing attacks to make their way onto your device. You can forward suspicious emails to us for review or simply delete them. It’s unlikely you’ll receive multiple messages from the same scummy seller – they usually get shut down pretty quickly.
So those are my top-3 tips for making it through Cyber Monday without getting scammed. But, the Holiday season is not over yet. CISA has released a number of resources to help us stay vigilant and avoid becoming a victim:
- CISA’s Online Shopping Tip
- CISA’s Holiday Online Shopping page
- CISA’s Social Engineering and Phishing Attacks Tip
- The Federal Bureau of Investigation’s (FBI’s) ‘Tis the Season for Holiday Online Shopping Scams – Don’t Be a Victim Announcement
If you believe that you are a victim of a scam, consider the following courses of action:
- Report the incident to your local police, and file online reports at the Federal Trade Commission’s Report Fraud page and the FBI’s Internet Crime Complaint Center (IC3) page.
- Watch for unexpected or unexplained charges to your account. If any appear, contact your financial institution immediately and close any accounts that may have been compromised. See CISA’s Preventing and Responding to Identity Theft Tip for more information.
- Change any passwords you might have revealed immediately. Avoid reusing passwords. See CISA’s Choosing and Protecting Passwords Tip for more information.
2020 and the pandemic has been called the golden age for hackers and cybercrime is higher than ever. If you think this information might help a friend, feel free to pass it along.
Unfortunately, the Internet is broken. Join us in the fight to protect businesses like yours against theft, crime and disaster.
Stay safe out there.