Cyber Monday — the online-only version of Black Friday that takes place today, the Monday after Thanksgiving — will be the largest online sales day of the year. Adobe is estimating that this year’s Cyber Monday will exceed $3 billion — a more than 9% year-over-year growth.
While consumers search online looking for deals, cybercriminals will try to take advantage of this increase in shoppers through a variety of activities intended to steal credit card information or install malware on computers.
If you’re planning to seek out Cyber Monday deals today, here are 10 steps PriorityOne Group suggests you follow to protect your computer, mobile device and personal information. Note: While this column focuses on Cyber Monday specifically, the guidance is worth following throughout the year as cybercriminals do not take days off.
1. Shop at stores you know. Cyber Monday brings with it the potential for substantial savings. You may search the web for businesses offering the best deals, but this is what cybercriminals are counting on.
If a deal takes you to a website of a company you’ve never heard of, proceed with caution. Never enter credit card information if you’re wary of a website. First, check the name of a company through the Better Business Bureau to help confirm whether the company is legitimate. When the price seems too good to be true, there’s a good chance it is.
Also, always double check a website’s address before entering payment information. Cybercriminals create phony websites that appear similar to the websites of major retailers. Note: Consider using a filtering service like OpenDNS to protect your computer from websites known to be harmful to your computer.
2. Shop securely. Before entering any personal information into a webpage, ensure you see “https” in the web address. This indicates a secure connection. Taking the time to verify that “s” at the end may be the difference between whether a cybercriminal steals your information or not.
You should also ensure SSL (“secure socket layer”) is enabled by the websites at which you shop. This will help protect your personal information. SSL represents a web certificate from a reputable supplier that provides data security. If a site lacks this feature, cybercriminals can more easily seize credit card information. Before entering sensitive personal information into your browser, look for a lock icon in the website’s URL in the address bar to verify whether the site uses SSL.
3. Use a credit card. Whenever possible, use a credit card — rather than a debit card — when making an online purchase to help prevent fraud. Many credit cards allow you to set up alerts to have an email or text message sent every time a purchase is made on the card above a certain amount. This will help you detect fraudulent purchases quickly. The Better Business Bureau also recommends paying with a credit card as federal law allows you to dispute charges.
4. Be careful of emailed links and attachments. If you receive an email from someone you know providing a link to a great deal or an attachment showing this deal, pause before clicking the link or opening the attachment. Your acquaintance's email account may have been hacked, or the email address may be “spoofed.” This means the email is being sent from somewhere else with the acquaintance’s address forged onto its “From:” line.
If you click the link or open the attachment, you may infect your computer with a virus or visit a webpage designed to steal your personal information.
5. Show restraint on social networks. Like links in email, links posted on social media are commonly used for phishing attacks, and harmful attacks may come from people or websites you trust (without their knowledge). Take a moment and really think before clicking links or opening webpages.
6. Don't use simple passwords. This is sound advice any time you create an account. Many retailers will require you to create an account with them before making a purchase. Consumers in a rush to lock in a deal will often use a simple password when creating the account. This is exactly what a cybercriminal is hoping for.
Create a unique, random password for every new login. It’s best to use a combination of letters (both upper and lower case), numbers and symbols. Many accounts will advise whether a password is weak or strong. This feature is included for a reason: You should never settle on a weak password. If you need assistance coming up with strong passwords and keeping track of them, consider a password management service.
7. Double check email encryption. If it’s necessary for you to email credit or debit card information to complete a purchase, make sure the email is encrypted so hackers cannot access your information. Note: This is a an appropriate time to use a one-time use, time-limited or virtual credit card number, if possible.
8. Don't assume that using smartphones or tablets will keep you safe. Many users of mobile devices believe their devices are not susceptible to threats from cybercriminals. But like regular computers and laptops, mobile devices can be hacked, and users can encounter the same threats as users of desktops and laptops.
A few important tips when using smartphones and tablets:
- Run antivirus/antimalware software.
- Avoid unfamiliar apps. Installing apps you have never heard of can leave your data more susceptible to theft. Before installing apps, review the permissions. If the app requests access to personal information that does not seem necessary for its operation, look into the legitimacy of the app before proceeding with installation.
- Enable a lock screen password and timeout function that automatically locks your device. This way, if you lose your phone, criminals cannot easily access the information stored in the device.
9. Keep software updated. Another good year-round best practice is to make sure the software you use is kept current. This includes checking for updates and patches for your operating system, browsers and security software, and enabling programs to automatically check for updates.
Also, make sure your antivirus and antimalware software are scheduled to run regular scans to check for viruses and malware. If you visit a website or open an email attachment you didn’t intend to, stop what you are doing and run security scans.
10. Document purchases, and review your documents. When placing an online order, save or print a copy of the order confirmation (provided via a webpage and/or email) in the event it is needed for future reference.
Make sure to check credit card statements frequently. There's no need to wait for statements to come in the mail either; you can check you purchase history online more frequently to help detect suspicious activity.
Be cautious, and remain vigilant
While the experience of shopping online and saving money can make Cyber Monday enjoyable and exciting, be alert. Watch for scams and fraudulent websites. Shop and pay cautiously. Do not trust third-party communication or any website that may seem the slightest bit suspicious. The savings you think you may get could end up costing you dearly.