Approaching the time of year where consumers are seeking hot Black Friday deals or shopping for Christmas bargains, how much trust do we place in where we shop?
In recent years, we’ve seen an increase in the volume and sophistication of online attacks, increasing the risk of purchasing online – Experian has previously indicated that 43% of holiday shopping identity theft occurs online. But scams during the holiday season are not just an issue for online shoppers as thieves also prey on other unsuspecting shoppers.
In either case, consumers are often led by ‘too good to be true’ offers and fall fowl to opportunistic scams with some examples including bogus gift cards, card skimming, phishing campaigns, and fake online retail sites.
So, what can we do to stay safe? Essentially, be on the lookout!
Retailers are often targeted by organised crime groups who seek to profit from the £1.49bn spent online during Black Friday in the UK alone, followed by a further £50bn spent by UK shoppers in the lead up to Christmas. With some of these scams being quick and effective, there are a number of things you can think about when you’re shopping in-store or online.
Do some research
Before you buy something online or in-store, do some research to ensure the retailer or seller is legitimate. ‘Pop-ups’ ahead of peak shopping periods provide thieves a great opportunity to execute scams and by the time you’ve realised, it’s too late.
Exposed card details
When purchasing in-store, be sure to cover your card and don’t divulge your PIN number. Also, make your card harder to snatch by putting it out of sight, preferably in a purse/wallet or zipped pocket. Whether it be physical theft, hidden cameras or a rogue employee, scraping card details is relatively simple.
Before proceeding to any retailers’ payment page, look out for changes in the website URL and make sure that the page is transmitting sensitive information such as your payment details using ‘HTTPS’ (look for the padlock symbol next to the website address).
In addition, here are some other general reminders to keep you safe online:
- Make sure you keep software and anti-malware protection up-to-date.
- Always choose unique, strong passwords for your online accounts.
- Make sure the internet connection you are using is secure – don’t use public Wi-Fi to shop online, especially where you use internet banking or anything else requiring you to send personal information.
- Consider using payment services such as PayPal when shopping online as you don’t have to provide your actual card details to the retailer.
If you think your card has been used fraudulently then let your bank or provider know immediately so that any further use of the card can be stopped. If you think you’ve been targeted by a scam, you can also report it to Action Fraud on 0300 123 2040, via their online reporting tool or on the FCA Scam Smart website.
Remember, be aware – if a deal looks too good to be true, it probably is!
Craig is responsible for SureCloud’s Risk Advisory Practice including engagement scoping, consultancy delivery and client relationships. Craig was most recently part of the senior delivery team within a global cybersecurity consultancy, responsible for leading and delivering complex cybersecurity solutions aligned to strategic business objectives. Craig has broad cybersecurity experience including a strong technical, software development and project management background, with particular strengths in the areas of information risk management, PCI DSS, strategic planning and business auditing. Craig is a certified CISSP, Lead Auditor and PCI DSS QSA.