Skip to main content
banner image
venafi logo

Black Friday and Cyber Monday: How to Avoid Phishing Scams [Encryption Digest 52]

Black Friday and Cyber Monday: How to Avoid Phishing Scams [Encryption Digest 52]

November 20, 2020 | Alexa Hernandez

Thanksgiving may all about sharing a delicious meal with your loved ones, but let’s be honest: most of us are itching to hunt down pre-holiday deals well before the plates have been cleared. Black Friday typically sees voracious shoppers waiting in long lines for hours, ready to score those sales the moment stores open. This year, however, COVID-19 will likely see Black Friday moving online. After all, you don’t need a mask to shop from home!

Unfortunatley, cybercriminals are also seeing this trend coming. There has already been a rise in phishing scams and malware attacks since the pandemic started earlier this year. This massive increase in online shopping, combined with all the holiday deals that will be available online, means that shoppers will have to be extra careful this year. Remember, a little encryption will go a long way. Be sure to take the extra steps to confirm your retailer is using both HTTPS and a valid certificate (read more on this later).

Common phishing scams to watch out for

Holiday fundraising charity scams

During the holidays, it is so important to remember the less fortunate and embrace the spirit of giving. Many large charities do incredible work hosting fundraisers to help those in need, but you’ll have to remain on the lookout for scam artists posing as charitable organizations to steal your money. Always research any organization you plan to donate to and don’t be afraid to directly contact a person to confirm the validity of the charity. You can also use the BBB Wise Giving Alliance, Charity Navigator, or CharityWatch to research organizations you come across. Some major red flags to watch out for include not showing proof of tax-deductible status, requesting donations by cash or gift card, or offering prizes for your donation.

Signs of online shopping phishing emails

Legitimate businesses and organizations will send their official promotional emails from a personalized domain. Emails from personal domains, such as or, are more than likely scams. Phishing emails will also include a sense of urgency for you to click a suspicious link. This infected attachment is a way for scammers to capture sensitive information including login credentials, credit card details, account numbers, and more. Never click a link from an email you find suspicious or don’t recognize. This holiday season, you will more than likely get tons of phishing emails from scammers pretending to be your favorite stores offering major holiday deals. Choose your clicks carefully!

How can I avoid phishing scams while online shopping?

Even with all these schemes and scams floating around, there are some simple precautions you can take to ensure a smooth and safe online shopping experience.

Only shop where you see the lock

That little green lock icon in your browser’s address bar is your new best friend! It indicates that the website uses SSL (Secure Socket Layer) to encrypt data during transmission (i.e. online purchases) and that the connection between your browser and the website is encrypted. Never input your name, address, credit or debit card, or any personal information on a website that does not display this lock. If you are in doubt, click on the info to check if the SSL (or TLS) certificate is registered to the site you believe you are visiting. Unsecure websites are vulnerable to malicious third-parties intercepting your connection and getting ahold of your information.

Use secure payment methods

Credit cards and third-party payment services are the safest payment methods to use while shopping online. Thanks to the Fair Credit Billing Act, your liability for fraudulent credit card charges can never exceed $50. Even so, most reputable credit cards offer additional fraud protection that can totally cover any liability on your part. Payment services such as PayPal, Venmo and ApplePay are also great options because they allow you to fully avoid providing any of your bank information to a website. The fewer places online that have your personal information, the safe you’ll be!

If possible, it’s best to avoid shopping online with debit cards. These accounts pull directly from your checking account, which is your actual money. A hacker gaining access to these funds will cause you far more immediate harm than a fraudulent credit card charge.

Use up-to-date software and secure passwords

Software updates frequently list the new features and bug fixes in a long list that most people skip without reading to get to the “agree” button. Most of the time, these new features include security updates to make your device more protected. If you’re shopping with older software, hackers may have already figured how to exploit weaknesses in the operating system. Before shopping for those deals, double-check that your software is fully updated.

Avoid hotspots and public Wi-Fi

Public Wi-Fi hotspots are incredibly easy for thieves to hack, so it’s best not to send out your personal information outside the safety of your at-home network. If you absolutely must shop from a local coffee shop or airport lounge this holiday season, stick to websites that are fully encrypted by making sure every page you visit has the secure “HTTPS” in the URL (not “HTTP”). Experts have also suggested that a store’s dedicated app will probably be safer than a browser.


Related posts


Like this blog? We think you will love this.
image representing big data
Featured Blog

Le chiffrement homomorphe : Définition et utilisation

Qu'est-ce que le chiffrement homomorphe ? Le

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Alexa Hernandez
Alexa Hernandez

Alexa is the Web Marketing Specialist at Venafi.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud

Venafi Cloud manages and protects certificates

* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
* Please fill in this field
* Please fill in this field
* Please fill in this field

End User License Agreement needs to be viewed and accepted

Already have an account? Login Here

get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more