Notes from the Field • 5 Min READ

Shopping During the Festive Period. An Upsurge in Cyber Threats

by Beverley Obukohwo, Eleanor Barlow • Dec 2020

Tis’ the season for Cyber Security Threats!

There is always an increase in Cyber Threats during the holiday period. This has been the case for many years. But due to the rise of COVID-19 related lockdown initiations, 2020 has seen more people shopping online than ever before. Infact, according to Geekwire, March alone saw over 42% of the US population grocery shopping online.

‘Amazon saw online grocery sales triple year-over-year during the second quarter as more customers got their groceries delivered versus going to a physical store amid the COVID-19 pandemic.’

This is just with reference to Amazon. When we think of all the billions of transactions made across the globe to other companies, and that ‘over 62% of online buyers shop on a monthly basis’ (Episerver), the number of transactions that hackers can attempt to infiltrate are limitless.

Here are some of our top tips for being safe online, and the preventative measures that can be taken while shopping this winter.

1. BE CAUTIOUS

The general rule when shopping online is that if something seems too good to be true, it probably is! While Christmas deals can offer huge discounts that are genuine and full of festive merriment, people still want to/need to make money. Anything ridiculously cheap is a red flag.

What to look for:

It is worth checking the reputation score of retailers via sites like Trustpilot to determine if that particular retailer can be trusted.
A website with no company address, descriptions or specifications on items are all red flags. Look for the details. And do not base purchases solely off star ratings, as these can be fake.
Pop-ups that offer free electronics are one of the obvious scams and should be avoided at all costs.
Read the small print. Often cons are perfectly visible if you know what to look for. Like seeing a picture of a laptop being advertised, going to buy said laptop for a reduced rate without reading the small print, and receiving a literal picture of a laptop in the post. The devil is in the detail!

2. USE REPUTABLE WEBSITES/COMPANIES

Stick to the retailers you know – Using websites that are globally known, such as Argos, Amazon, Curry’s is a good way to avoid any nasty surprises. Even if it is a couple of pounds more, it is worth knowing where your money is going and that your purchase will be tracked and delivered.
Use good antivirus software – McAfee’s Web Advisor is a great free choice, which will warn you of potentially dangerous sites in search results as well.
Look out for suspicious emails, calls and text messages – spam.

3. STOP. LOOK. CHECK. PAY.

Check for the padlock icon when at the checkout. Secure Sockets Layers (SSL) are used to ensure data is encrypted before being transmitted across the web. It is also an indication that an organisation has been verified. Keep an eye out for HTTPS in the address bar rather than HTTP, as this highlights a site uses SSL.
Make sure the website that you intend to shop on is not a copy of a legitimate one. Verify that the date and name of the organisation are consistent with the site you are visiting. And look for typos in the URL. Your best bet it to go directly to the website yourself, and do not access it through links on other sites/emails.
When using public Wi-Fi, use a VPN as the most effective way to stay safe and so that hackers do not steal your personal data while you are on an unsecure network.

4. CHECK DELIVERY TIMES

When buying a gift, be sure to check that it will arrive in time. Always check the availability of items before you click.
Even when parcel tracking is used, check the delivery estimation time and the seller’s recent feedback to see if they can be trusted to deliver your purchases on time.

5. CHECK THE BOX

The latest scam is to swap out valuable products for worthless ones. When your parcel arrives, ask the courier to wait a few seconds while you check that the contents is what you were expecting.

6. CHECK YOUR BANK ACCOUNT

Use a credit card or payment method which offers protection (i.e., PayPal).
Check your accounts regularly for fraudulent activity.
Only provide enough details to complete your purchase (no extra details required)

Next, read our Ten Top Tips for Detecting a Phishing attack while shopping online, especially if you are the type of person to take advantage of offers sent via your email account!

Related Content

View All

blog

Hook, Line and Sinker. Phishing and Office 365 Account Compromise

Phishing: What are the important Office 365 logs to examine? Even the most hardened information systems are susceptible to a slick con artist. The art of deception employed in a well-crafted phishing email has the potential to dupe us all. In fact, there are few of us who are invulnerable to this threat actor. Obviously, […]

blog

10 Top Tips to Detect Phishing Scams

Everyone is susceptible to a phishing attack. Often, phishing emails are well-crafted and take a trained eye to spot the genuine from the fake. There are, however, ways to make yourself less of a target. Keep in mind our ten top tips to stay safe online. 1. Name of sender can trick you. Email addresses […]

webinars

Tips to Educate and Protect Your Staff from Security Threats

A Cyber Awareness Webinar

datasheets

User Behaviour Analytics

Detect Compromised Accounts that have been spoofed, or unwittingly/knowingly had malware installed with SecurityHQ's User Behaviour Analytics Module. Download SecurityHQ's UBA Datasheet to learn about its benefits at a more granular level.