With Black Friday and Cyber Monday just gone we are fully into the Christmas shopping season. But with new data from Action Fraud reporting that Christmas 2020 saw £15.4m in online shopping scams, how can we shop safely online?
Know, Like, Trust
There are some simple actions to take to ensure that you remain safe whilst shopping online this Christmas.
- Familiar – Ideally shop from places that you have shopped before – so familiar retailers or websites. If you must use a new website or retailer ask friends, family and colleagues if they have used the site before or look into the reviews of that site using Trustpilot for example.
- Data Privacy – Only set up accounts with new retailers if you think you will use the site a lot in the future (this will save on spam too). Many websites offer an option to check out as a guest or to login using Facebook. You should, however, be wary of any sites asking for information which is irrelevant to the purchase (e.g., mother’s maiden name).
- Payment Methods – Before entering any payment details check in the URL bar that there is a small padlock, as this shows the site is secure. Additionally, pay for online purchases with a credit card as then you are likely to be protected should something go wrong.
General Online Safety
There are also some basic online security activities that can help prevent online shopping fraud this Christmas.
- Passwords – Always make sure that the passwords used are strong passwords of at least eight characters with both upper- and lower-case letters. And, this is most important, don’t use the same password for every shopping site you log in to.
- Email Links – During the festive period you will receive numerous emails which contain links to great offers. If the emails are genuine this isn’t a problem, but if the emails are phishing emails the links could lead to a fake website which will use any data you submit, or they can download ransomware or malware to your device.
To be on the safe side, don’t click on links within emails. Instead go to the website directly using a search engine.
You can also check the email address of the sender as you can spot the dodgy ones as they will often be something like firstname.lastname@example.org or Sandra@N3xt.com. Not many major retailers use Gmail or Yahoo, and it is unlikely a retailer will spell their brand name wrong.
- Smishing – Although smishing sounds innocuous, it is the same tactic as the dodgy email links but sent directly to your phone using SMS. The messages will appear to be from genuine retailers, or they will look like they have come from your connections with a link and often no text or something short like ‘check this out’.
Clicking on the link will take you to a fake website, or it will download malware to your device. Neither is ideal. It’s better not to click on the links at all and go to the website directly instead. And if the message appears to be from a friend you can always ask them if it is genuine.
- Free Public Wi-Fi – Isn’t free public Wi-Fi great? You can do your shopping whilst having a coffee or waiting for your friends or check if an item is cheaper on Amazon than in the store.
But here’s a scenario for you. If you were at a cashpoint tapping your pin in, would you still do it if there were a couple of people looking over your shoulder? No, of course you wouldn’t.
When you purchase something online via free public Wi-Fi this is essentially what you are doing. With an unsecured Wi-Fi system, you have no idea who is monitoring the connection. And unsecured, public Wi-Fi is easily monitored by cyber criminals.
Don’t submit any details over an unsecure network that you wouldn’t be comfortable sharing publicly such as credit card details, address or pin numbers.
Whilst these are great practices to keep you safe during the festive shopping season, they are evergreen security methods when online shopping throughout the year.
December and the festive season should be just that, festive and not a time to be a statistic for next year’s Action Fraud report on online shopping scams. If you want to find out how else you can protect your devices and networks from online scams, malware and ransomware give Security Everywhere a call today.