#Privacy: Be aware of Black Friday cyber attacks

By Craig Moores, Practice Director of SureCloud’s new Risk Advisory Division

The holiday season is coming and we’re approaching the time of year where consumers are seeking hot Black Friday deals or shopping for Christmas bargains, but how much trust do we places in which we shop?

In recent years, we’ve seen an increase in the volume and sophistication of online attacks, increasing the risk of purchasing online – Experian has previously indicated that 43% of holiday shopping identity theft occurs online. But scams during the holiday season are not just an issue for online shoppers as thieves also prey on other unsuspecting shoppers.

In either case, consumers are often led by ‘too good to be true’ offers and fall fowl to opportunistic scams, with some examples including bogus gift cards, card skimming, phishing campaigns and fake online retail sites.

So what can we do to stay safe?

Be on the lookout

Retailers are often targeted by organised crime groups who seek to profit from the £1.49bn spent online during Black Friday in the UK alone, followed by a further £50bn spent by UK shoppers in the lead up to Christmas. With some of these scams being quick and effective, there are a number of things you can think about when you’re shopping in-store or online.

Do some research 

Before you buy something online or in-store, do some research to ensure the retailer or seller is legitimate. ‘Pop-ups’ ahead of peak shopping periods provide thieves a great opportunity to execute scams and by the time you’ve realised, it’s too late.

Don’t expose card details

When purchasing in-store, be sure to cover your card and don’t divulge your PIN number. Also, make your card harder to snatch by putting it out of sight, preferably in a purse/wallet or zipped pocket. Whether it be physical theft, hidden cameras or a rogue employee, scraping card details is relatively simple.

Beware of online fraud 

Before proceeding to any retailers’ payment page, look out for changes in the website URL and make sure that the page is transmitting sensitive information such as your payment details using ‘HTTPS’ (look for the padlock symbol next to the website address).

In addition, here are some other general reminders to keep you safe online:

  • Make sure you keep software and anti-malware protection up-to-date.
  • Always choose unique, strong passwords for your online accounts.
  • Make sure the internet connection you are using is secure – don’t use public Wi-Fi to shop online, especially where you use internet banking or anything else requiring you to send personal information.
  • Consider using payment services such as PayPal when shopping online as you don’t have to provide your actual card details to the retailer.

If you think your card has been used fraudulently then let your bank or provider know immediately so that any further use of the card can be stopped. If you think you’ve been targeted by a scam, you can also report it to Action Fraud on 0300 123 2040, via their online reporting tool or on the FCA Scam Smart website.

Remember, be aware – if a deal looks too good to be true, it probably is! 

About SureCloud

SureCloud is a provider of Gartner recognised GRC software and Cyber & Risk Advisory services. Whether buying products or services your organisation would benefit from automated workflows and insight from the award-winning SureCloud platform. All of SureCloud’s service offerings are fully compatible with the GRC suite of products enabling a seamless integration of information, taking your risk programmes to the next level.

 


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/