Phone: charged. Cards: ready. Game face: on. Black Friday is here, and consumers couldn’t be more ready to win—because that’s what this day is about, not shopping, winning—but before they dive in plastic-first, shoppers should make sure they’re staying safe while they shop, and nowadays that means protecting their online data.
Black Friday is one of the biggest shopping days of the year, with consumers expected to spend over $3 billion on the day this year.
With 137 million shoppers expected to descend upon retailers this year during the four happy days of Black Friday sales, that’s a lot of money and personal data that could be snatched up by the less-than-scrupulous. A lot.
That being said, below are four of the biggest things shoppers should probably avoid doing when they’re battling to snatch up that last Hatchimal, whether it’s in Target or on Amazon:
Use a Credit Card, Not Debit
This is one of the simplest switches customers can make to protect their money and security, because to put it frankly, using a credit card risks the issuer’s money and is not tied to a bank account. As stated by Caleb Barlow, VP of IBM Security:
Credit cards offer consumers more protections if the card is compromised, and won’t impact your checking account during the holiday season if there’s an issue.
Avoid Using IoT Devices to Pay
For trailblazers that regularly use their smartwatches, smart rings, or other IoT devices to pay at the point of sale, it might be best to be a bit old-fashioned for the day. Cybersecurity experts claim that DDoS attacks, like the one that took down numerous sites including PayPal and Twitter a few months back, are increasing in force, and according to a report published by internet provider Akamai, this has a lot to do with the IoT and its poorly (or not-at-all) protected devices.
From the report:
These attacks were remarkable not only for their size, but also for the source and nature of the traffic they used. Since June, we had been researching a strain of malware we called Kaiten, which targets home routers and Internet of Things (IoT) devices. The malware has now been released to the world at large, under the name Mirai, and targets more than 60 default username and password combinations.
Which incidentally brings us to the next point.
Don’t Use the Same Password for Everything
Since despite the best efforts of biometric and other security companies the main method of authentication for online or mobile purchases is still passwords, this still has to be part of the list: not using the same password for all the shopping sites users visit is a must. Repeated for emphasis: do not use the same password for all online purchases.
Yes, it’s more convenient to do so, but as we have previously reported, numerous times, passwords are a terrible form of authentication—really, just the worst—but as we still have to use them, making each of them unique and as weird as possible so hackers can’t easily guess them is the best bet for security when shopping online.
Beware of Email Receipts for Unrecognized Purchases
Phishing emails have been around since email, and there’s a simple reason criminals are still using them: they work. Unsurprisingly, they are a particularly effective form of fraud around the holiday season, especially when formatted to look like, say, tracking links for Amazon purchases:
This scam is already circulating, according to IBM X-Force Research, and works by locking a user’s computer once the link is clicked. Once locked, users are required to pay a ransom fee to get back access to the computer. If it’s a bank employee, it’s even worse — the compromised computer may be used to access bank systems. Luckily, there’s a simple fix—not clicking on unfamiliar links in the first place. According to Christopher Pierson, chief security officer at Viewpost, consumers should also:
Always use strong anti-malware protections (firewall, anti-virus, and updating your computer) on the device you are shopping on.
Remember—hackers are out shopping today, too. Stay safe, and good luck! Let’s all make it through the day in one piece.1 - Reader Likes This Post