As the holiday shopping frenzy kicks off with Black Friday and Cyber Monday, remember that consumers aren’t the only ones hunting for opportunities. This is the prime hunting season for cybercriminals to conduct scams, fraud, impersonation, and theft at massive scale.
- 1 in 3 U.S. adults report experiencing an online shopping scam (Pew research)
- 300 million users are being targeted by cybercriminals for their sensitive and financial information (Amazon)
- 250% increase in fake shopping websites ahead of Black Friday and 232% jump in impersonation sites of Amazon (NordVPN)
- 45% surge in luxury brand counterfeit storefronts, such as Coach, Dior, Ralph Lauren, Rolex, and Gucci. (McAfee).
- McAfee also reports email scams are exploding, up ~50% in retail and ~85% in tech with trusted tech brands being impersonated, with Apple, Nintendo, Samsung, Disney, and Stream listed at the top 5.
AI is providing a massive advantage to attackers by automating the creation of realistic fake e-commerce sites and phishing email campaigns for the singular purpose of obtaining your sensitive data and assets. They may target your financial accounts to siphon money, credit card information to sell or make fraudulent purchases, and even access to home and work systems as part of extortion schemes.
Be wary. This season, the cybercriminals have an advantage and they will use it for their benefit and your detriment! They are faster, highly automated, and more deceptive than ever.
Trust nothing (email messages, links, etc.) and follow good cybersecurity practices.
Here are some tips:
- Never click a link in an email or message. Always navigate to the site yourself.
- Never enter in your login credentials unless you are absolutely sure the site is trustworthy.
- Pay attention to the sender of messages to validate a legitimate domain.
- Use 2-factor or Multi-Factor Authentication when possible.
- Don’t store your credit card details on new e-commerce sites.
- Purchase items with a credit card instead of a debt card, as you are likely to have fraudulent credit card purchases reimbursed.
- Set alerts for charges on your cards, so you know when charges have occurred.
- Be very wary of new or unfamiliar online retailers.
- Don’t be pressured with countdown timers, limited time sales, or urgency tactics that exploit cognitive vulnerabilities to drive poor decisions.
- Don’t share your personal information when it is not obviously needed for the transaction. Nobody should be asking your date-of-birth, employer’s name, family member contact information, or account balances.
- Use security tools to verify sites, trust levels, and conduct secure e-commerce
- Don’t install any merchant or helper apps, as they may be malicious or trojanized. Same goes for tech support calls asking you to download software, sign-in, or provide permissions to your device.
- If ever in doubt, ask a security professional.
Cybercriminals will be out in force, preying on distracted consumers. Stay sharp, protect what is important to you, and share these tips with friends and family. A little awareness goes a long way in protecting your valuables and not being easy prey.
Comments