In order to score great deals over the Thanksgiving holiday, you may have chosen to forgo the hassle and stress of the crowds at the old brick-and-mortar stores and instead do your shopping in your PJs at home. Though the official numbers have not yet been released, this year’s Cyber Monday is estimated to bring in $7.9 billion in sales. Online giant Amazon even said that this year’s Cyber Monday was the biggest shopping day in the history of the company. Of course, whenever that kind of money is flying around, individuals looking to steal it will not be far behind.
Indeed, the crooks are already at it; last week the security firm FireEye detected a malware threat called Emotet, using malicious emails sent to victims in order to gain access to their bank information. Many cybercriminals are masters of exploiting current events. During the holiday season, most of us are looking to score the best deals on some of the most popular brands or products, be it the latest electronic devices, toys or clothing. Malicious actors will often disguise their emails as originating from reputable companies, offering impossibly good deals on the latest items. It is worth noting that this type of targeted exploitation is not unique to the holidays–itit also occurs during natural disasters, prompting organizations such as FEMA to issue warnings to be on the lookout for disaster recovery fraud schemes.
So does this mean that you should automatically delete every email in your inbox from your favorite retailer? Of course not. You might be one of the many people who have alerts set up to let you know when the price drops on a certain product and a fear of scam artists should not deter you from selecting the best price. That being said, there are a few ways to better protect yourself:
- Look for “https” in your URL when making a purchase. The “s” in “https” means secure, indicating the communications to and from that page is encrypted.
- Avoid clicking on hyperlinks within unknown or unfamiliar emails. Legitimate businesses do not usually solicit your credit card information this way, and usually only request it at the end of a purchase.
- Never respond to pop-ups. If a pop-up window appears offering you cash for a survey or congratulating you on being the “1 millionth visitor,” just close out of the window. It is virtually never a legitimate offer.
- Keep the software on your devices up to date. A large part of the reason companies update their software is to close vulnerable loopholes that can be exploited by cybercriminals.
- Have a strong password and change it often. “Password” or “[Your name] 123” are simply not acceptable anymore.
Finding the perfect present for someone at the right price is challenging enough without having to worry about someone trying to steal your sensitive data. Hopefully these simple tips can give you peace of mind while looking at the latest iPhone or the newest Paw Patrol toy. If you’re interested in how Praescient has combated fraud in the past, take a look at our case study.