The increased transactional and promotional activities taking place on and around Black Friday, and the desire of shoppers to find goods for cheap, presents an irresistible opportunity for cyber criminals to ply their trade.
They can – and do – take full advantage of this, but that doesn’t mean being a victim is inevitable. People simply need to protect themselves by paying more attention when it comes to paying for in-store and online purchases, and how they handle promotional emails, browser pop-ups, and internet advertisements.
The bad guys are after data more than anything else, all the better to impersonate people, gain access to bank accounts, defraud retailers, or otherwise fraudulently identify themselves for their own gain at others’ expense.
Fighting the scourge of cybercrime and safeguarding data is ultimately everyone’s business, and not just up to security solutions vendors to pull off.
This article details some useful tips on how to reduce the chances of falling victim to the myriad scams that will inevitably do the rounds before, during, and after the busiest shopping day of the year.
Use a complete internet security suite
Perhaps the easiest thing to do is install some form of internet security software on all devices you use to do online shopping/ordering.
You should preferably get a full-featured suite that includes firewall protection, parental controls, password management and other handy security functions in addition to antivirus/antimalware/antiphishing functionality.
Options include Kaspersky and Trend Micro, among others, and it’s a good idea to protect every endpoint in your home and business with software from such reputable vendors.
Just be sure to keep that software automatically updated, and pay attention to any warnings it produces whenever you’re transacting online, and you’ll be good.
Enable two-factor authentication wherever it’s offered
One of the easiest way to secure your accounts is with “Two-Factor Authentication” (TFA). It’s easy to set up, and is an excellent way to confirm your identity with something a thief won’t have easy access to.
Many big online retailers and services offer it as an opt-in option, so be sure to double check that it’s available before transacting on those sites.
TFA is done with codes that are sent to your phone or email, or through authentication apps that generate codes that change all the time.
These codes must be entered to confirm that it’s you transacting, and only if they match the retailer’s code can you continue.
TFA operates on the assumption that criminals probably don’t have access to all of your devices, making this a very smart way to ensure your personal information can’t be easily stolen.
TFA is not infallible, but it’s an excellent protective step to take anyway. You’re certainly better off with it activated than not.
Create strong passwords
Passwords are a modern scourge, but they’re entirely necessary for the time being. The best advice is to have strong and unique passwords for every site and service that you use, but managing it all can be a complicated affair.
The solution is to use a password manager that stores all of your usernames and passwords and supplies them automatically when signing into websites and services. There are plenty to choose from, and they can even generate secure passwords on request and store them all in an encrypted space, secured by what should be your strongest password.
The only catch here is that if you lose the password to your password manager, called your “master password”, you’re in a bit of a pickle, but on the bright side you’ll only ever have to remember one.
Keep your devices updated
Keeping your PC/laptop/smartphone updated is another example of something simple that everyone can do, but which dramatically decreases any chances of falling victim to cybercrime.
All you need to do is set your updates to automatic, and forget about it – your device will do the rest.
Updated devices will always have the latest fixes to recently-discovered operating system and software vulnerabilities, so choosing not to keep them updated is, well, madness.
Don’t overshare on social media
This one’s quite tricky, because social media is designed to reward us for sharing the minutiae of our lives with social credit in the form of likes, comments, and emojis.
Unfortunately cybercriminals are not above using any information you volunteer on social media for purposes of “social engineering”, a practice that, among many other things, uses personal details posted online to guess passwords to services and accounts.
A common source of password inspiration – pets’ names/your mom’s maiden name/your favourite teacher – can be quickly gleaned from many social profiles, and it’s not a lot of work for scammers to exploit.
So try not to overshare online, if you can avoid it.
If you absolutely love posting online about your life, at the very least consider tightening the privacy settings on your various accounts so only a few people (and people you trust!) have access to the information you share.
Don’t use public wifi when transacting online
For the love of all that’s good and holy, please never, EVER do any online shopping while connected to a public wifi hotspot.
These have been proven time and again to be super UN-secure, and there’s a good chance someone sharing said public wifi can intercept your data even before it’s reached the goods or services you’re attempting to pay for.
If you absolutely have to transact on public wifi, be sure to use a VPN that encrypts all data leaving your device and keeps it encrypted until it’s reached its destination.
It’s far simpler to avoid public wifi altogether; you’ll be much safer that way.
Rather transact at home on your own secure network, or at work if you have to. If you’re not sure how secure your home network is, ask someone to help you lock it down; using strong passwords to access the WiFi and 256-bit AES encryption or better are a good start.
Change passwords immediately after news of a breach
We’re all so connected to the news today thanks to the internet, so it’s fairly easy to be alerted when data breaches make headlines.
Should you hear of a breach happening at a company that you deal with in any way, immediately change any passwords associated with those companies’ services. That way, any stolen passwords become entirely useless to the hackers that pilfered them them, and your information remains protected.
Protect your identity while travelling
This sounds a bit paranoid, but you’d do well to use a VPN to access the internet while travelling and connecting to hotel wifi. They aren’t quite as bad as public wifi at restaurants/airports/other public places, but they’re still not ideal.
Also, try to avoid posting your travel plans to social media, as that could tell someone where you will be and for how long – useful information for anyone who’d be happy to know you won’t be home for a while.
Verify online retail offers
Since it’s Black Friday time, expect to see a flood of special offers hit your Inbox this week and the next.
Just be sure to double check that what you’re being offered comes from legitimate sources, because Black Friday’s popularity is the perfect time for scammers to engineer enticing offers from known retailers, with the aim of attracting clicks from anyone not paying close attention.
These scam mails will redirect clickers to dodgy sites that steal data and infect computers with malware for various evil purposes, so pay close attention when offers arrive that seem too good to be true.
Check senders’ emails, hover over links to check the destination website address, and if anything appears even remotely dodgy, don’t click. Report the mail to IT if you’re at work, and if you’re at home block the sender and flag the email up as spam.
Sure it’s paranoid but…
I’m sure you’ll agree, it’s much better to be safe than sorry. And yes it’s horrible that this even happens in 2019, but it does, so the best thing people can do about it is to arm themselves with awareness.
If you do nothing else on this list, get a good security suite and a password manager, and never shop online while on public wifi.
Enjoy Black Friday, and may the best combatants win!