Finally, we’ve made it through the majority of 2020 and into the Holiday season, allowing us to celebrate by getting together with family and friends and perhaps do a little shopping for them too. Thanksgiving is around the corner with the biggest holiday deals of the year on Black Friday and Cyber Monday. As with any other year, it’s a good time to find great deals but its equally important to be wary of “too good to be true” deals. Hackers exploit consumer excitement on these big shopping days each and every year! They steal personal information, sell us goods that never arrive, and take advantage of us if we let our guards down.
Black Friday to Online Sales in COVID
Traditionally, ‘Black Friday’ meant a day out on the town, racing around retail stores to get the last flat screen TV before someone takes it or even seeing shoppers fisticuff their way to the front of lines to secure their big deals. Now, shopping has shifted online, erasing traditionally obstacles shoppers dealt with on Black Friday.
Shoppers looking for gifts for loved ones and family now must worry about cyber threats. With coronavirus setting new infection records each day in November, more and more businesses are turning to online marketplaces. Hackers capitalize on these trends making our online shopping experiences more dangerous and difficult.
Cybersecurity experts are often asked around this time of the year, “what should I be doing?“. The unfortunate truth is that Black Friday scams are the same scams used throughout the year. You’re just as much at risk every other day of the year, and you must learn the skills to protect yourself. That’s the good news. Anything you do to boost your cybersecurity protection on Black Friday is worth doing all the time.
Black Friday deals often look so competitive that many of us may be more willing, at this time of the year, to believe the deals from new online merchants we’ve never heard of before are real!
This is why CyberHoot publishes tips for safe holiday shopping each year at this time.
Tips To Stay Secure
Learn how to spot a Phishing attack easily and delete
Phishing emails have tell-tale signs you can use to quickly and confidently identify them and delete them before they take advantage of you. Watch and ask these 7 questions before clicking. Was the email:
- From a strange email address (onmicrosoft.com does not email for Amazon.com)
- Generically addressed (Dear Ma’am, Dear Sir).
- Contain spelling, grammar, and punctuation mistakes.
- Have strange looking links where you can’t tell what website you’re actually going to (i.e.: bit.ly, TinyURL, Ow.ly).
- Urge you to take critical immediate action of any kind.
- Contain an enticing attachment they encourage to open (warning: may contain a virus)
enable TWO-FACTOR AUTHENTICATION (2FA)
- Enable 2FA on all your online accounts (especially shopping). According to cybersecurity experts, enabling two-factor authentication is hardest security measure for hackers to exploit.
Adopt A Password Manager
- Password managers refuse to log you into a phishing attack website if you accidentally click on a fake Holiday Sale email.
- Password managers help you eliminate password reuse. A leading cause of account breaches where hackers reuse a stolen password from website A on website B.
- Password managers help you choose random, long passwords and eliminate typing them in when authenticating at websites, speeding up your shopping experience.
Learn how to enable your banks account lock features
All bank/credit card companies can ‘lock’ your credit card within seconds if one of two things happen:
- The Bank identifies or suspects malicious activity on your account
- You request they lock the card until you need to use it
- Watch the video below to learn by a second credit card only for online shopping might be a really good idea
While these suggestions don’t cover all threats faced when shopping online, they can certainly get you moving in the right direction improving your cybersecurity hygiene. You can work with CyberHoot for free (individuals) or at a small cost (businesses) to automate and mandate that employees learning these cybersecurity skills! You will be protecting them personally and professionally and they will thank you for it.