Despite the negative impact the hard lockdown has had on global economy, the annual Black Friday retail sales tradition is expected to remain popular this year. Instead of limiting sales specials for just one day, many stores have taken to doing Black Friday for the entire month of November. But where there is money to be made, you can be certain that cybercriminals will be watching and looking for opportunities to exploit unsuspecting shoppers.
The COVID-19 pandemic and resultant social distancing rules will see a predominantly online feel to Black Friday this year. Online retailers are expected to capitalise on people staying at home and avoiding potentially large crowds at physical stores, so the signs point to a surge in online shopping. This presents malicious users with more potential targets than ever to infect with malware, perpetrate identity theft, and steal credit card details. Cleverly-designed phishing scams that masquerade as discounts from popular brands have become almost indistinguishable from the real thing.
“Consumers must remain vigilant whether it is shopping for Black Friday specials or the upcoming festive season. As in previous years, fake sites will be a major source of concern as they become even more sophisticated than those that appeared in 2019. The most fundamental security tip any shopper must heed is that if something sounds too good to be true, it is. For example, 80% off on that smart TV is highly unlikely,” comments Maher Yamout, Senior Security Researcher at Kaspersky. “Caution and extra vigilance must become part of any online shopper’s repertoire. As hackers continue to exploit uncertainty around the pandemic, users who want to participate in Black Friday must become more security conscious,” – he adds.
We advise shoppers to follow these 12 tips this Black Friday period:
- Make sure you apply security updates to your operating system and applications as soon as they are available.
- Only use secure sites. Look for a URL beginning with ‘HTTPS://’ – that’s ‘S’ for SECURE. Look also for a closed padlock on the web browser’s address bar – by clicking or double-clicking on it you will be able to see details of the site’s security.
- Use a unique password for every online site – use a mixture of letters, numbers and special characters and make sure they’re at least 15 characters long.
- Don’t click on random links in e-mails – it’s better to type in a URL yourself, to avoid the risk of ending up on a phishing site. If a deal seems too good to resist, go directly to the website to find it, rather than click on the link, to be sure.
- Try to stick to familiar sites that you know or have heard of. But even then you need to take care – criminals often deliberately misspell the name of their fake websites to make it look like a familiar site.
- If you do buy from a new vendor, research it carefully. A good test is to see if they can be contacted if the order goes wrong – look for an e-mail, a phone number, an address and a returns policy. A vendor’s feedback history is another good sign of their honesty and reliability.
- Use extra caution when using your mobile device for online purchases. Shortened URLs, often used because they are phone-friendly, can hide the fact that they lead to a risky site. If you have to mau tke a transaction then and there, switch Wi-Fi off and use mobile data. Otherwise wait until you are back on a secured connection.
- Avoid using untrusted public Wi-Fi hotspots for confidential transactions like online shopping – public Wi-Fi networks are common places for hackers to sneakily intercept your information.
- Ensure that your children do not have access to your online accounts, and make sure they can’t access to your credit card and bank information
- Backup your data regularly to avoid your personal files being lost if you are the target of a cyberattack.
- Keep checking your accounts regularly to make sure you notice any unusual/fraudulent activity straight away.
- Secure your all devices using reliable security software, like Kaspersky Total Security.