Thanksgiving may all about sharing a delicious meal with your loved ones, but let’s be honest: most of us are itching to hunt down pre-holiday deals well before the plates have been cleared. Black Friday typically sees voracious shoppers waiting in long lines for hours, ready to score those sales the moment stores open. This year, however, COVID-19 will likely see Black Friday moving online. After all, you don’t need a mask to shop from home!
Unfortunatley, cybercriminals are also seeing this trend coming. There has already been a rise in phishing scams and malware attacks since the pandemic started earlier this year. This massive increase in online shopping, combined with all the holiday deals that will be available online, means that shoppers will have to be extra careful this year. Remember, a little encryption will go a long way. Be sure to take the extra steps to confirm your retailer is using both HTTPS and a valid certificate (read more on this later).
Holiday fundraising charity scams
During the holidays, it is so important to remember the less fortunate and embrace the spirit of giving. Many large charities do incredible work hosting fundraisers to help those in need, but you’ll have to remain on the lookout for scam artists posing as charitable organizations to steal your money. Always research any organization you plan to donate to and don’t be afraid to directly contact a person to confirm the validity of the charity. You can also use the BBB Wise Giving Alliance, Charity Navigator, or CharityWatch to research organizations you come across. Some major red flags to watch out for include not showing proof of tax-deductible status, requesting donations by cash or gift card, or offering prizes for your donation.
Signs of online shopping phishing emails
Legitimate businesses and organizations will send their official promotional emails from a personalized domain. Emails from personal domains, such as @gmail.com or @yahoo.com, are more than likely scams. Phishing emails will also include a sense of urgency for you to click a suspicious link. This infected attachment is a way for scammers to capture sensitive information including login credentials, credit card details, account numbers, and more. Never click a link from an email you find suspicious or don’t recognize. This holiday season, you will more than likely get tons of phishing emails from scammers pretending to be your favorite stores offering major holiday deals. Choose your clicks carefully!
Even with all these schemes and scams floating around, there are some simple precautions you can take to ensure a smooth and safe online shopping experience.
Only shop where you see the lock
That little green lock icon in your browser’s address bar is your new best friend! It indicates that the website uses SSL (Secure Socket Layer) to encrypt data during transmission (i.e. online purchases) and that the connection between your browser and the website is encrypted. Never input your name, address, credit or debit card, or any personal information on a website that does not display this lock. If you are in doubt, click on the info to check if the SSL (or TLS) certificate is registered to the site you believe you are visiting. Unsecure websites are vulnerable to malicious third-parties intercepting your connection and getting ahold of your information.
Use secure payment methods
Credit cards and third-party payment services are the safest payment methods to use while shopping online. Thanks to the Fair Credit Billing Act, your liability for fraudulent credit card charges can never exceed $50. Even so, most reputable credit cards offer additional fraud protection that can totally cover any liability on your part. Payment services such as PayPal, Venmo and ApplePay are also great options because they allow you to fully avoid providing any of your bank information to a website. The fewer places online that have your personal information, the safe you’ll be!
If possible, it’s best to avoid shopping online with debit cards. These accounts pull directly from your checking account, which is your actual money. A hacker gaining access to these funds will cause you far more immediate harm than a fraudulent credit card charge.
Use up-to-date software and secure passwords
Software updates frequently list the new features and bug fixes in a long list that most people skip without reading to get to the “agree” button. Most of the time, these new features include security updates to make your device more protected. If you’re shopping with older software, hackers may have already figured how to exploit weaknesses in the operating system. Before shopping for those deals, double-check that your software is fully updated.
Avoid hotspots and public Wi-Fi
Public Wi-Fi hotspots are incredibly easy for thieves to hack, so it’s best not to send out your personal information outside the safety of your at-home network. If you absolutely must shop from a local coffee shop or airport lounge this holiday season, stick to websites that are fully encrypted by making sure every page you visit has the secure “HTTPS” in the URL (not “HTTP”). Experts have also suggested that a store’s dedicated app will probably be safer than a browser.