Cyber Monday — the online-only version of Black Friday that takes place the Monday after Thanksgiving — is once again expected to be the largest online sales day of the year. Adobe is estimating that this year's Cyber Monday will hit the $3 billion mark for the first time — a 12% year-over-year growth.
While consumers go online looking for deals, cybercriminals will try to take advantage of this increase in shoppers through a variety of activities intended to steal credit card information or install malware or Trojans on computers.
If you're planning to seek out Cyber Monday deals, here are 10 best practices PriorityOne Group suggests you follow to protect your computer, mobile device and personal information. While this column focuses on Cyber Monday, the guidance is worth following throughout the year as cybercriminals do not take days off.
1. Shop only at stores you know. Cyber Monday brings with it the promise of substantial savings. You may search the web for the business offering the best deal you can find. This is what cybercriminals are counting on.
If a deal takes you to the online store of a company you've never heard of, proceed with caution. When the price seems too good to be true, there's a good chance it is. Never enter credit card information if you're wary of a site. First, check the name of a company through the Better Business Bureau to help confirm whether the company is legitimate.
Also, always double check a website's address before entering payment information. Cybercriminals can create phony websites that appear similar to the websites of major retailers. When you visit a website you trust and verify it is the actual website you wanted to visit, bookmark that website, and navigate to the website through that bookmark in the future. This will help prevent mistyping in a web address that may take you to a phony website or clicking a phony link in a search.
Note: Consider using a filtering service like OpenDNS to protect your computer from websites known to be harmful to your computer.
2. Shop securely. Before providing any personal information into a webpage, ensure you see "https" in the web address. This indicates a secure connection. Taking the time to verify that "s" at the end may be the difference between whether a cybercriminal can steal your information or not.
You should also ensure SSL ("secure socket layer") is enabled by the websites you shop at as this will help protect your personal information. SSL represents a web certificate from a reputable supplier that provides data security. If a site lacks this feature, hackers can more easily seize credit card information. Before entering sensitive personal information into your browser, look for a lock icon in the website's URL in the address bar (it may be to the left or right of the URL, depending upon the browser you're using) to verify whether the site uses SSL.
3. Avoid simple passwords. Many retailers will require you to create an account with them before proceeding with a purchase. Consumers in a rush to secure a deal will often use a simple password when creating an account. This is exactly what a cybercriminal is hoping will happen.
Take the time to create a unique, random password for every new login. It's best to use a combination of letters (both upper and lower case), numbers and symbols. Many accounts will advise whether a password is weak or strong. Never settle on a weak password. If you need assistance coming up with random passwords and tracking them, consider a password management service.
4. Keep software updated. A good year-round best practice is to make sure software is always kept current. This includes checking for updates and patches for your operating system, browsers and security software, and enabling these programs to automatically check for updates. Doing so will help keep your computer free of viruses and malware, and prevent cybercriminals from hacking into your computer.
Also, make sure your antivirus and antimalware software are scheduled to run regular scans to check for viruses and malware. If you visit a website or open an email attachment you didn't intend to (more on this below), stop whatever you're doing and immediately run security scans.
5. Be careful when using smartphones or tablets. Many users of mobile devices believe these devices are not susceptible to threats from cybercriminals. But like regular computers and laptops, they can be hacked, and users can encounter the same threats.
A few important tips when using smartphones and tablets:
- Avoid unfamiliar apps. Installing apps you have never heard of can leave your data more susceptible to theft. Before installing apps, review the permissions. If the app requests access to personal information that does not seem necessary for its operation, look into the legitimacy of the app before proceeding with approval of the permissions and installation.
- Run antivirus/antimalware software.
- Enable a lock screen password and timeouts that automatically lock your device. This way, if you lose your phone, criminals cannot easily access the information stored in the device.
6. Don't rush to click an email link or attachment. If you receive an email from a friend providing a link to a great deal or an attachment showing this deal, take a moment before clicking the link or opening the attachment. Your friend's email account may have been hacked, or the friend's email address may be "spoofed," which means the email is being sent from somewhere else with the friend's address forged onto its "From:" line.
If you click the link or open the attachment, you may infect your computer with a virus or visit a webpage intended to steal your personal information.
7. Be cautious on social networks. Like links in email, links posted on social media are commonly used for phishing attacks, and harmful attacks may come from people or websites you trust (without their knowledge). Take a moment and really think before clicking links or opening webpages.
8. Use a credit card rather than debit card. Use of a credit card — rather than a debit card — when making an online purchase can help prevent against fraud. Consider setting up alerts on your credit card to have an email or text message sent every time a purchase is made on the card above a certain amount. This will help you detect fraudulent purchases quickly. The Better Business Bureau suggests paying with a credit card because federal law allows you to dispute any charges, if necessary.
It is also advisable, whenever possible, to use a credit card that offers one-time use, time-limited or virtual credit card numbers. This will help prevent a cybercriminal from stealing your credit card information.
9. Double check email encryption. If it's necessary for you to email credit or debit card information, make sure the email is encrypted so hackers cannot access your information.
This is a particularly appropriate time to consider using a one-time use, time-limited or virtual credit card number.
10. Document purchases, and review your documents. Healthcare providers appreciate the importance of documentation. This also applies to online shopping. When placing an online order, save or print a copy of the order confirmation (provided via a webpage and/or email) in the event it is needed for future reference.
Make sure to check credit card statements frequently. Don't wait for statements to come in the mail; check them online regularly to help detect suspicious activity.
While shopping online and saving money can make Cyber Monday an enjoyable and exciting experience, keep your guard up. Be aware of scams and fraudulent websites. Shop and pay cautiously. Do not trust third-party communication or any website that may seem the slightest bit suspicious. The savings you think you will get could end up costing you dearly.