Security Best Practices for Black Friday and Cyber Monday
The holidays are a magical time of the year. Black Friday and Cyber Monday allow us to surprise friends and family with special gifts at a fraction of the cost.
Online shopping is more convenient than ever—many retailers have moved their doorbuster deals online, reducing the risks of physical dangers associated with crowded stores. However, as online shopping becomes increasingly popular, so do the risks of cybercrime and scams targeting unsuspecting consumers.
Think you’re safer doing all your shopping in person? Not so fast—criminals have adapted, targeting holiday shoppers with new gift card scams you’ll want to be aware of this year.
Do you know how to protect your network, data, and precious wallet from hackers? We’ve put together a list of tips to help keep you safe through the entire holiday shopping season.
9 Tips for Safely Shopping Black Friday and Cyber Monday Online Sales
1. Be Critical of Email Deals To Avoid Scams
Email is still one of the main avenues businesses use to promote deals and products—it’s also one of the main avenues threat actors use to hack into your system.
If you’ve opened your inbox recently, you’ve probably seen subject lines like “BIG CYBER MONDAY DEAL!!!” Before you open the email, make sure you can identify the sender and that the email address looks legitimate. Phishing attacks are among the most common types of cyberattacks we experience as cybersecurity professionals at High Touch. Hackers also use “last minute” deals to instigate users. Click carefully.
Example. A hacker might spoof an email from “Amazon” with an address like “support@amaz0n-deals.net” offering an exclusive 90% discount. Always double-check the sender’s email address for subtle errors.
2. Avoid Emails With Attachments
If hackers can get into your system, they can eventually find a way to get their hands on any file they want. One of the most common ways hackers gain access to devices is through email attachments. Harmful files can easily be disguised as an exclusive Black Friday or Cyber Monday coupon or secret best customer deal. Avoid downloading email attachments unless you personally know the sender and you’re expecting the attached file.
Example. You receive an email claiming to include a “$50 off your next purchase” coupon as an attachment. The attachment is a malicious file that installs ransomware on your device when opened.
3. Research Deals With Retailers
If you receive an exclusive Black Friday or Cyber Monday deal, the odds are favorable that other customers have too. Do your research. Browse the retailer’s website to see if they’re advertising that specific deal. When in doubt, contact the retailer’s customer service department to verify the deal using the contact information provided on the retailer’s website.
Example. A pop-up ad claims, “Flash Sale: 95% Off Everything at BestBuyStorez.com.” Visiting the site reveals a fake storefront created to steal your payment information. Instead, go to Best Buy’s official website to confirm the deal.
Here’s how you can find what you want faster on Google.
4. Update Your Browser
Browsers require consistent security updates to keep you protected from the latest cyberthreats. If you’re using an old, outdated browser, you’re not protecting yourself against recently developed cyberattacks. Verify that you’re using the most recently released version of your preferred browser before you start your online holiday shopping spree.
Example. If you’re still using an older browser like Internet Explorer, you might not have the latest protections against phishing sites, making it easier for hackers to steal your login credentials.
5. Verify You’re Using a Safe Connection (HTTPS)
When you navigate to a retailer’s website, make sure the URL begins with “https.” Hypertext Transfer Protocol Secure (HTTPS) ensures the website has a valid Secure Sockets Layer (SSL) certificate and that the information you provide is encrypted. Encryption makes it difficult for hackers to tamper with or steal the information that you’re communicating.
Example. You’re about to enter your credit card information on a site that starts with “http” instead of “https.” Without the “s,” your data could be intercepted by cybercriminals, leaving your financial information exposed.
6. Use Strong Passwords
In general, it’s recommended that you use strong, unique passwords for your online accounts. If you’re using simple passwords or reusing passwords, hackers can quickly gain access to your digital information, including bank accounts, business accounts, files, and personal information. High Touch recommends using an extensive combination of letters, numbers, and symbols when creating passwords. When in doubt, use a password manager with multifactor authentication to manage your account information.
Example. Click here to learn how to create a stronger password.
7. Avoid Public Wi-Fi
We strongly discourage sharing personal information, including online shopping data, over public wi-fi connections. Generally, these connections have weak security precautions and allow hackers to steal your information as it’s being transmitted.
Example. While at a coffee shop, you connect to “FreeCoffeeWiFi” and purchase holiday gifts. A hacker monitoring the network captures your credit card details in real-time.
8. Use Credit Cards, Not Debit Cards
Credit cards offer an extra layer of protection when you’re shopping online. Unlike debit cards that are directly linked to your bank account, credit cards usually offer greater protection in case your account is compromised. Also, you won’t have to worry about a stolen credit card number affecting your personal checking account for the entire holiday shopping season.
Example. Your debit card information is stolen during an online transaction, and your bank account is drained. With a credit card, you can dispute fraudulent charges and avoid immediate financial loss.
9. Verify Your Account Statements
After the holiday season, verify that account statements match your purchase activity. If you notice any unknown transaction activity, report it immediately.
Example. You notice a $200 charge from an unfamiliar retailer. Upon investigation, you realize it’s from a site you shopped at during a holiday sale. Reporting it to your credit card company helps you recover the funds.
Beware of Gift Card Scams
Gift cards are a popular and convenient choice for holiday gifting, but criminals have developed ways to exploit them. One increasingly common scam involves tampering with physical gift cards displayed in stores.
How the Scam Works
- Stealing the Code. Scammers use tools like steamers to carefully remove the protective packaging of a gift card. They record the card’s code and PIN, then reapply a fake scratch-off layer and reseal the packaging to make the card appear untampered.
- Tracking Activation. Once the gift card is purchased and activated at the register, scammers use algorithms to detect when funds are loaded onto the card. They then immediately drain the balance online, leaving the unsuspecting gift recipient with an empty card.
How To Protect Yourself
- Inspect Physical Gift Cards. Before purchasing a gift card, check for signs of tampering, such as mismatched or uneven seals, scratched-off areas, or altered packaging.
- Buy Directly From Retailers. To avoid tampered cards altogether, consider buying digital gift cards directly from the retailer’s website or app.
- Keep Receipts. Some retailers offer replacement policies for compromised gift cards if you provide proof of purchase.
We Help Keep Your Business Safe.
At High Touch Technologies, we specialize in cybersecurity solutions to help protect businesses during the busiest shopping seasons and beyond. From firewalls to endpoint protection, email security, and consulting, we provide the tools you need to stay secure.
Contact us today to learn how High Touch can help safeguard your business from cyberthreats and scams. Stay safe this holiday season!
Curious about more secure online shopping tips? Check out the FTC’s recommendations.