Don’t Let Cybercrime Spoil Your Holiday Shopping

Philip BaderCybersecurity, VulnerabilitiesLeave a Comment

It’s never a bad time to think about cybersecurity, but the Black Friday weekend is probably better than most. As retailers try to woo us with the best deals around, cybercriminals pull out all the stops to trick us into giving them our hard-earned money.

But this year is different than most. Communities across the world are struggling to cope with the fear and uncertainty created by the COVID-19 pandemic. Escalating infection rates and the likelihood of renewed shelter at home orders mean that even more people will be shopping online.

More Online Traffic Means Increased Cyber Risks

Despite worries about lost wages and unemployment due to COVID-19, online sales this year are expected to outpace totals from 2019. The National Retail Federation estimates that sales will increase by 20% or 30% to between $202.5 billion and $218.4 billion.

Meanwhile, analysts at cybersecurity firm Imperva warn that while retailers brace for greater numbers of online shoppers, they also face unprecedented levels of attack traffic to their sites. And at least in the U.K., as many as 89% of retailers don’t have the strongest level of domain-based protections in place.

COVID-19 Offers New Lines of Attack

Cybercriminals spend lots of time and money in developing new ways of attacking retailers and their consumers. From simple phishing scams that target individuals to more sophisticated data skimming tools that compromise entire websites, malicious actors get better every year. Here are just a few of the current trends:

  • eSkimming: Malware is uploaded to retail websites that inserts code into online shopping carts and facilitates the theft of any customer or payment information that is entered.
  • Domain infringement: Attackers create fake websites by using a legitimate company name but altering the domain from .com to .org, and then attempt to gather sensitive information.
  • Bogus shopping apps: These apps might appear on Google Play or Apple’s App Store, but they exist to trick you into entering sensitive information. Make sure the apps you download are well-reviewed by other users and originate from developers with solid reputations.

The evolution of cyber threats means that retailers as well as consumers have to be on their guard. Online shopping requires customers to transfer critical personal data, and that customer information is the most valuable data available for most attackers.

Remote Work Creates New Security Threats

With so many people working remotely, attackers have new opportunities to expose weaknesses in corporate network systems. What happens on your home computer won’t stay there if you’re logging in remotely to employer servers. 

Some companies have even admitted to sacrificing security for expediency in support of an increasingly remote workforce, according to one recent cybersecurity survey. This means the carelessness at home can more significantly affect what happens at the office.

Here’s How You Can Protect Yourself

It’s not paranoia if people are really out to get you. And cybercriminals are definitely out to get you. New methods of attack, a target-rich environment created by larger numbers of online shoppers, and weaknesses in corporate and retail cybersecurity measures can all contribute to a more hostile online landscape for consumers.

But that doesn’t mean you can’t navigate the online retail waters with a certain measure of confidence that your information is safe. Here are a few ways that you can limit your exposure to attack.

  • Know your retailer: Try to stick to major online sellers that you have used safely in the past. If you do find that irresistible deal from a seller you don’t recognize, do some research. Make sure they are a credible retailer, and look for reviews from other buyers. And always remember that if the deal seems too good to be true, it’s not worth the risk.
  • Use a credit card: Most credit cards have a zero liability policy for fraudulent transactions. But that requires close scrutiny of your statements. Keep track of what you buy, and check regularly to be sure that you made all the purchases listed. If something doesn’t look right, contact your card provider immediately. 
  • Mobile shoppers beware: Attackers often use smishing schemes, or phishing messages delivered through SMS. If you receive a link from an unknown sender, do not follow it. It can also be harder to spot a fake website when shopping online from a mobile browser. When possible, stick to dedicated shopping apps from official retailers.
  • Good grammar counts: If a website or email offer from a seemingly reputable online retailer is riddled with spelling mistakes, it’s almost certainly a scam. Hackers might have excellent coding chops, but they’re not known for the elegance of their prose.

No matter what time of year, or what external circumstances prevail, employing basic common sense can limit your chances of becoming a victim of cybercrime. The theft of personal information, either through stolen payment information or a data breach, can have lasting consequences.

Whether you’re working or shopping from home, make sure that your computer and any portable storage devices have updated antivirus installed. Malware infections can spread rapidly from USBs and HDDs to your desktop and laptop, and from there to whatever computer networks you might have to log into for work. 

Don’t spend the holiday season worried about the safety of your most sensitive personal information. SecureData is committed to providing the best data security solutions available. We also offer world-class data recovery solutions. Call us at 1-800-388-2366 to learn more about how we can help you better protect your personal data.