Staying safe when shopping online this holiday season


Scams, cybercrime

The holiday shopping season may be the time to splurge, but it’s also a favored time of year for cybercriminals to target shoppers with fake deals, phishing scams and other threats .

Tis the season to be careful: 12 steps to ruin a cybercriminal's day

The holiday shopping season is in full swing. This involves a seemingly endless few weeks of shopping chaos as we rush to take advantage of great deals and buy gifts for friends and family. Despite the rising cost of living, Deloitte predicts a 10-13% increase in online sales for the 2023 holiday season in the United States compared to the same period in 2022. This represents more than 1 500 billion dollars to be won, and more in Europe and its neighboring countries. largest online marketplace, UK. But retailers aren’t the only ones who want your money: malicious hackers are too.

So before you get carried away, take a minute to learn about the most common scams and cyber threats and how to stay safe online.

What are the issues when you buy online?

Global e-commerce is on fire. THE the market is planned is expected to grow at a CAGR of 12% between 2021 and 2025, surpassing $8.5 trillion by 2025. But with so much money up for grabs, it’s no surprise that scammers and fraudsters are ready to pounce . And they are particularly willing to take advantage during busy periods like the run-up to Christmas, when it may be easier to hide fraud in increased purchases and when shoppers are arguably more distracted.

So what do they want? Simply put, your money and/or personal information, including relevant account logins, which can then be sold to others to commit identity fraud. Here’s a quick overview of some of the most common threats to watch out for this holiday season.

  • Fake sellers: These work on legitimate sites like Facebook Marketplace, and attract buyers by listing in-demand products at shockingly low prices. They may also generate fake reviews about their “store” in order to add legitimacy. Users will be prompted to pay via instant payment apps like Zelle, Venmo or Cash App. But they never receive their purchase because it was a scam.
  • Account takeover (ATO): Cybercriminals are always looking for ways to hijack customer accounts. Indeed, they can use stored cards to make fraudulent purchases, or find personal information in accounts that can be sold to others. The most common way to commit ATO is through stolen or phished logins. Sometimes, scammers use credentials they obtained from other sites (via a data breach), and which victims use across multiple accounts. That’s what we call credential stuffing.
  • Fake online stores: This is a similar threat to the fake seller scams listed above. However, scammers go to even more extreme lengths to appear legitimate. They will spoof the website of a real retailer or brand. Not only will victims not receive their item, or possibly receive a counterfeit version, but scammers will also capture their card details for future fraud.
  • Fake apps: These are similar to fake online stores and are often peddled on unofficial third-party app stores or phishing sites. Users may encounter it after clicking on a fraudulent link on social media or via email/SMS.
  • Phishing: This is still one of the most common ways fraudsters obtain personal and financial information, which can then be used to defraud your identity, for example by purchasing items or applying for a loan in your name. Fake emails, messages, or texts on social media are designed to appear as if they were sent by a legitimate company.
  • Fake gift cards: Similar to fraudulent transactions involving electronics or high-end fashion, you might encounter a attractive offer for a substantial gift card balance or a card sold at a significantly discounted price from its face value. However, clicking on the link provided in the email or text message, supposedly to claim your gift card, may result in the installation of malware, compromise of your personal data, or receipt of a stolen card .

At this time of year, these may include fake messages from delivery companies that require additional information or payment of a “tax” or “customs” fee. You may have ordered so many things online that it’s difficult to track legitimate orders. Sometimes clicking on a link will install malware designed to flood your screen with ads or steal personal/financial information.

12 Ways to Stay Safe When Shopping Online

With the above in mind, here are 12 tips for staying safe – one for each day” of Christmas :

  • Make sure you secure your PC and mobile phone with multi-layered security software from a reputable vendor. This will go a long way in preventing the damage that information theft and other malware can cause.
  • Always use strong, unique passwords on all accounts (via a password manager) and enable two-factor authentication (2FA). This will help mitigate the risk of password theft and account takeover.
  • Beware of bargains that are too good to be true. If an item or special offer seems too good to be true, it probably is.
  • Always use secure websites for any purchases. Look for the padlock in the browser bar and an HTTPS address. This will limit the ability of hackers to listen to your communications and steal your card information.
  • Check your bank and credit card accounts regularly during the shopping season and contact your supplier immediately if any transactions appear suspicious.
  • Try to only shop from brands you trust. If you’ve never heard of it before, do some research about it first – try Googling the name more “scam” or “fraud” and look at customer reviews to gauge its reputation.
  • If you buy from an online marketplace, always pay by credit card (as there are more protections for buyers this way) or even consider using a disposable virtual card for one-time purchases.
  • Only download mobile apps from a trusted source; i.e. App Store and Google Play.
  • Never purchase items or log into accounts (especially not your bank account) while connected to a public Wi-Fi network, as this can be risky. Use a virtual private network (VPN) in these cases if you absolutely need to get a good deal without using your home network or data plan.
  • If you receive an unsolicited email or text message, think twice before clicking on it. Separately check with the sender if it is legitimate (but not by replying to the message).
  • Consider guest checkout when purchasing from a legitimate business. If you save your information, there is always a chance that it could end up in the hands of a cybercriminal if that company is breached.
  • Never click on pop-up ads, even if they offer great deals, because these ads are often malicious.

Keep these simple steps in mind and you won’t go wrong. Now the only risk is that you spend more than you planned this holiday season.

Happy and safe online shopping!

Leave a comment