Cyber Monday 2021: Three Simple Rules to Avoid Security ‘Red Alerts’

Holiday sales during the November to January timeframe are expected to touch $1.3 trillion, with Cyber Monday set to attain the crown for being the largest online spending day of the year. However, according to Kaspersky, online payment fraud surged by 208% between September and October 2021, indicating a significant spike in cybercriminals’ activities ahead of the holiday shopping season. In this article, we bring you some expert security tips on making the most of Cyber Monday without falling victim to scams.

2021’s most-awaited shopping season is finally upon us. Despite the financial setbacks the pandemic inflicted on businesses and individuals over the past 18 months, we’re seeing no signs of a slump when it comes to U.S. consumers bringing out their wallets to grab the best deals and discounts of the year. Indeed, the National Retail Foundation expectsOpens a new window holiday sales to touch $859 billion this year, growing by up to 10.5% over the 2020 figure. Online and non-store sales are expected to perform even better, rising by up to 15% year-over-year to touch $226.2 billion.

“There is considerable momentum heading into the holiday shopping season. Consumers are in a very favorable position going into the last few months of the year as income is rising and household balance sheets have never been stronger,” NRF President and CEO Matthew Shay said. To meet the burgeoning consumer demand, retailers across the U.S. could hire between 500,000 and 665,000 seasonal workers, demonstrating how the holiday season is reshaping the U.S. economy following long periods of disruptions.

Thanksgiving Weekend to Set New Sales Record With Cyber Monday Leading the Charge

Deloitte also has happy news to share. The firm expects holiday sales during the November to January timeframe to touch $1.3 trillion, with e-commerce grabbing a share of up to $218 billion. “As vaccination rates rise and consumers are more comfortable being outside of the home, we are likely to see increased spending on services, including restaurants and travel, while spending on goods will continue to hold steady,” said Daniel Bachman, Deloitte’s U.S. economic forecaster.

“A steady decline in the savings rate to pre-pandemic levels will support consumer spending and keep retail sales elevated this season. Further, e-commerce sales will continue to grow as consumers demonstrate an ongoing and steady movement toward buying online across all categories.”  

Considering that the best deals and discounts appear during the Thanksgiving weekend, including Black Friday and Cyber Monday, NRF says a whopping 66% of holiday shoppers, or an estimated 158.3 million people, plan to pull out their wallets during the weekend. Digital Commerce 360 estimates that U.S. consumers will spend a record $36.40 billion during the Thanksgiving weekend. Cyber Monday retains the crownOpens a new window for being the largest online spending day of the year

See More: Black Friday: Top Security Tips for Retailers As the Shopping Season Beckons

Record Holiday Sales May Invite Record Holiday Scams

While it is heartening to note that a resurgence of Covid-19 in the U.S. has not dampened consumer sentiment, online shoppers have to be conscious of the fact that their festive mood could quickly turn sour if they fall victim to expensive online scams or fraud. Cybercriminals are equally intelligent as the rest of us and have honed their skills for years at defrauding online buyers and making them fall for fake offers during Black Friday and Cyber Monday. 

In a recent public service announcement, the FBI said that during the 2020 holiday shopping season, it received over 17,000 complaints regarding the non-delivery of goods, resulting in losses of over $53 millionOpens a new window . “It is anticipated this number could increase during the 2021 holiday season due to rumors of merchandise shortages and the ongoing pandemic,” the agency said. 

According to the FBI, these are going to be the most common holiday scams this year:

• • Online shopping scams – Scammers offer deals through phishing emails or advertisements.
  • Social media scams – Scammers use social media sites that appear to offer vouchers or gift cards. These scams often lead consumers to complete online surveys designed to steal personal information.
  • Smartphone app scams – Scammers design mobile apps disguised as free games that steal personal information.
  • Work-from-home scams – Scammers use websites and social media posts that offer working from home. Convenience is the attention grabber, but there may be fraudulent intentions.
  • Gift card scams – Victims receive a spoofed email, call, or text asking them to purchase multiple gift cards for person or business reasons.
  • Charity scams – Criminals set up false charities and profit from individuals who believe they are donating to legitimate organizations.

Top Tips to Stay Safe Online As You Grab the Best Deals of the Year

Jen Easterly, the director of the Cybersecurity and Infrastructure Security Agency (CISA), says with the holiday season upon us, hackers are trying to take advantage of unsuspecting shoppers by searching for weaknesses in their devices and internet connections or attempting to extract personal and financial information through fake websites and charities. 

“This holiday shopping season, we’re here to provide a few easy steps to prevent you from becoming a victim of cybercrime. Using strong passwords, updating your software, thinking before you click on suspicious links, and turning on multi-factor authentication are the basics of what we call ‘cyber hygiene’ and will significantly improve your online safety to keep your season merry and bright,” she says. 

Considering how serious the threat is, here are some expert tips on how you can make the most of the holiday season without falling victim to opportunistic scamsters.

Spotting mobile phishing attacks

Hank Schless, senior manager for security solutions at Lookout, says that people are shopping on their smartphones and tablets more than ever before. Consumers receive messages about new deals and shipping updates through SMS and social media platforms all the time. The catch here is that phishing campaigns based on Cyber Monday are built to imitate those communications. 

“To protect yourself from mobile phishing attacks, you should never tap a link from a number or person you don’t recognize. If possible, contact the sender and validate the communication before interacting with the link. If you do tap one of these links, read the full URL in the browser. Phishing sites often use URL spoofing to look like a retailer’s website, for example, but it’s actually something very different when you view the full URL. 

“You should also protect your phone and your personal data by using a mobile security app that offers phishing protection. Not only will this keep your personal data safe, but it also helps protect any work data you access from your personal smartphone or tablet.”

See More: Why Transnational Cooperation Is Key in the Battle Against Cross-Border Cybercrime

Avoid using company devices

Jason Stirland, CTO at DeltaNet International, says that online shoppers should avoid using their company devices to shop on Black Friday and Cyber Monday, considering the scale at which phishing attacks occur and succeed. 

“With many employees using company devices for their shopping, organisations must remind employees of stringent IT policies, stay secure online, and avoid using company-owned devices for personal purchases. Tell employees to use only trusted websites to shop and use credit cards for payments over a secure connection. Don’t forget to monitor bank accounts for any suspicious activity, so banks can be alerted at once if scammers do manage to infiltrate accounts.  

“Employees need to watch out for phishing and social engineering scams targeting shoppers with bargain prices – always triple check any URLs before clicking on them. When logging into accounts for each online retail store, use a solid, unique password for each one. Good password hygiene will help reduce the likelihood of details getting compromised in a data breach. Also, where possible, always use multi-factor authentication to log into accounts to prevent others from accessing your accounts. Employees must remain cautious of ads and prize contests, which are rife during this period, looking to pull and sell consumer information. It’s also vital to keep security updated on all devices including laptops, tablets and smartphones,” he says. 

Follow basic online security rules

Microsoft famously said that cybercriminals are 99.9% less likely to breach a device or an account protected by multi-factor authentication. Similarly, there are many simple yet highly effective magic pills that can significantly hamper the ability of malicious hackers to compromise your device or online account. Let’s look at some of these cybersecurity basics, shared by Tripwire, that you should make a part of your online routine.

• • Shop using secure Wi-Fi: Coffee shop browsing is very convenient, but before you give in and buy something then and there, perhaps save the links and head home where you know your connection isn’t being rerouted to a man-in-the-middle attack when you plug in those credit cards. If you need to do your shopping while out and about, you could consider using a VPNOpens a new window . 
  • Shop from a secure device: Malware or keystroke copying trojans are still out there, siphoning off what is typed into an infected machine, be it a PC, smartphone, or tablet. Check that your antivirus tools are current and running and your operating systems and browsers are updating. 
  • Shop from secure websites: Check that the site you are shopping from uses SSL protection. Does the address bar have “https:” in the URL? That “s” should be required before you enter payment or personal information. 
  • Shop from unique credentials: If you shop from the same website often, it’s helpful to have an account, and sometimes the retailer will require it or create it when you make your first purchase. One mistake many folks make is to use the same password for each of their retailer accounts, thus making it easy for the person to remember. However, you don’t know what the data protections are for each of those retail websites, and you don’t want a single breach on one retailer site to grant a thief access to all of your accounts, so make each password unique. 
  • Use a password vault: See above. So many logins equate to so many passwords. Let the password manager do the heavy lifting! It can help to confirm that your passwords are unique and that you can get back to the retailer next year. 
  • Is it a deal or a “deal”? If it sounds too good to be true, the offer you received via email, text message, or other links may be a scam. Be wary and double-check. Rather than click links, do an internet search for the retailer. Also, access their site as if you hadn’t gotten the email to confirm the offer is real. 
  • Pay securely: No one wants one minor purchase to suddenly lead to a balance-emptying series of fraudulent charges. Use a secure credit card rather than a bank debit card for online purchases. Alternatively, ask your financial institution for a travel card or prepaid debit card that you can use for your online shopping. This would allow you to load up just what you want to spend this season (keeping you in budget!), and if there are any issues with retailers, they don’t have access to your regular debit card account. 
  • Watch your account: Check your financial accounts regularly for any unauthorized activity. (Though if you share a credit card with a loved one, strategize how to keep those present purchases secret!) 
  • Give wisely: Charity donation opportunities abound, but do your research. Don’t feel pressured to give on the spot, and ignore unsolicited requests. If you get an email request, search for their website (and ensure you have the proper spelling) instead of following the link. Don’t forget to check for the “s” in HTTPS before entering a card number or personal information at any site. If you want to donate to a charity, you particularly don’t want the funds to go to a scam site. 

Do you think Internet users easily forget the simplest online safety rules when searching for the best deals and discounts online? Let us know on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!