It feels like summer just ended, but stores are already stocking up for the holidays, Christmas music will soon be played everywhere you go — and many people will fall prey to hackers when they go online to buy gifts.
According to Adobe Analytics, shoppers spent $7.9 billion online on Cyber Monday last year, a 19.3 percent increase from 2017. That number could rise as high as $9 billion this year.
While shoppers are studying and getting ready for those Cyber Monday deals, hackers are eager to reap the benefits of consumers unconcerned with cybersecurity.
Surprisingly, one survey showed that 62 percent of shoppers polled would buy from a brand that has been hacked if the Cyber Monday deals were good enough. Despite the present danger of data breaches, this shows that most shoppers care more about the bargain than cybersecurity.
Knowing that there will be a sharp increase in online transactions, Cyber Monday can be like Christmas for data thieves. Here’s how you can make sure they don’t get what they want.
1 — Look for HTTPS in the address bar
The difference between HTTPS and HTTP can mean the difference between a merry Christmas and “bah humbug.”
Legitimate businesses and websites will have HTTPS (Hyper Text Transfer Protocol Secure) before their web address, showing that communications on the site are securely encrypted. This can be the easiest way of telling that you’re buying from a reputable site that takes cybersecurity seriously.
On the other hand, data that is sent over a regular HTTP connection between the browser and e-commerce site is in plain text and can be read by data thieves. Don’t shop from websites that lack an HTTPS connection.
2 — Avoid phishing
You get an email from FedEx, your bank or a retailer you’ve shopped from in the past, asking you to log in and confirm your Social Security number or credit card information.
Think before you click.
Look around to make sure that the email is coming from the company (many phishers will try to mask this or discretely misspell the name). Mouse over the button the email wants you to click. If you don’t recognize the address it’s pointing you to, your alarm bells should be ringing. Clicking that link could open your computer to viruses and hackers.
If you’re truly unsure, call the company (not through any contact information in that email) and ask. Reputable businesses and institutions would never ask for that kind of sensitive information via email.
Last year, “magecart” attacks were all the rage, skimming credit card information from companies such as British Airways, Ticketmaster and Newegg. These scammers tricked consumers into entering payment information into legitimate-looking forms. Be on the lookout for similar tactics this year.
3 — Don’t believe unbelievable deals
While major retailers like Walmart, Target and Amazon will offer incredible Cyber Monday deals on electronics and other big-ticket items, shady websites will do the same to capitalize on the adrenaline rush of finding a bargain.
Many scammers do this to draw you in, knowing that you’re likely rushing to claim the great deal before they sell out. In truth, they don’t have the video game console or smartphone they’ve advertised. They’re just taking advantage of your impulsiveness to gain access to your credit card and personal data.
If you’ve never heard of the website with the too-good-to-be-true discount on a high-demand item, take time to do some research and determine whether or not it is legitimate. The time you spend now can save your bank account and identity in the long run.
4 — Keep changing passwords
When studying 21 million usernames, Google found that users chose to ignore 25.7 percent of the breach warnings presented to them. That plays right into hackers’ plans this holiday season.
If you plan to do any shopping online this year, it’s wise to change the passwords to your email account, as well as accounts you have on e-commerce sites.
Changing your passwords often (especially during the holiday shopping season) to something complex can keep you one step ahead of hackers trying to log in with your information.
5 — Don’t shop on public WiFi
Public WiFi is a godsend when you just want to hang out at your local coffee shop and check upcoming Cyber Monday deals. But if you’re actively shopping on an unsecured public WiFi connection, you’re practically inviting hackers into your phone or laptop.
WiFi is provided by many businesses as a courtesy to customers but isn’t always managed like a secured connection. Small business owners may not always be cybersecurity experts, and it could take weeks to discover that the free WiFi has been taken advantage of by a data thief.
One of the most common threats is called a “Man in the Middle” attack. When a computer connects to public WiFi, data is sent from the computer to the server. An unsecured connection means that a hacker could get in between this transmission and gain access to what you thought was private data.
While public WiFi has its benefits, it’s best to avoid shopping or any kind of transaction where you’re inputting sensitive information.
6 — Secure your phone
According to Adobe, phones accounted for 47 percent of traffic to e-commerce sites on Cyber Monday 2018, and 36 percent of sales. With mobile shopping experiences becoming less of a pain, more people are trusting their phones to purchase gifts after Thanksgiving.
This is just another avenue for hackers to access and make your Christmas a nightmare. When you’re searching Twitter for incredible discounts, you may be tempted to download an unknown deal-searching app or pointed to some site you’ve never heard of.
You can download anti-virus protection for your phone, giving you an added layer of protection. It’s also recommended to avoid completing transactions on your mobile browser, going with the retailer’s verified, trusted app if possible. Don’t install apps from a link or an email — instead go straight to the App Store or Google Play store to make sure you’re not downloading a copycat.
These tips will help you have a safer and more enjoyable Cyber Monday experience, but be on the lookout for new scams and tricks hackers will use this year.