As we approach the holiday season, we wanted to emphasize the importance of cybersecurity awareness to both our users and others to provide a better understanding of ever-developing cyberattacks.
Ahead of the Black Friday shopping madness, the DynaRisk cyber-surveillance team urges online shoppers to be aware of the common red flags to avoid scams.
Following the Covid-19 pandemic, a whopping 80% of UK buyers shifted to online shopping, with many preferring to use mobile devices to do so. More than ever, this means being cyber aware at all times and across all devices coherently and consistently with the right tools.
How Black Friday cyber attacks might look like
Phishing attacks often rely on prize scams. A legitimate business would never redirect you to pay for something you’ve won. The chances are, you’re probably not going to get that iPhone for $2. Sounds obvious, right? Readers would be surprised at how many users simply click through and expose themselves to an attack.
We constantly encountered many deceptive Amazon pop-ups promising gift cards, prizes and the like. Typically, the link will lead you to a spoof website or redirect you to install a fake app.
Here’s a recent insight into the Dark Web and just one example of Black Friday cyber-attack planning that our team caught in cyberspace.
The DynaRisk surveillance team downloaded a beginner’s guide for hackers after discovering a tutorial on a Dark Web forum. The guide conveniently mentions the basics: SMTP, a scam page, web domain, essentially all the areas that an aspiring beginner level hacker needs to know. Notably, the team observed that the prices for such ‘hacker beginners' sets are surprisingly affordable.
How to protect yourself from Black Friday cyber attacks
Below are some of the habits and lessons to inform online shoppers about cyber safety ahead, during and after Black Friday. DynaRisk believes that personal and corporate cyber protection is an essential ongoing monitoring task for all users and online businesses. DynaRisk strongly recommends such a mindset and approach to self-awareness of cyber security and online activity as the internet becomes further embedded into our lives and arguably, speeded-up by Covid-19, lockdowns and enormous changes to working practices.
Be vigilant in cyberspace
- Check the website URL. The address should begin with "https" instead of "http" (the "s" stands for "secure").
- Double-check the layout, grammar, and spelling mistakes.
- Research a price range.
- If the offer sounds too good to be true - it probably is.
- Check payment options.
- Avoid purchasing from websites that offer one of these payment methods: money order, preloaded money card, direct bank transfer, virtual currencies, wire transfer.
User impact
- Phishing
- E-Skimming
- Refund fraud
- Financial Malware
- ATM Skimming
- Device Theft
Recommended actions
- Set your user profile to private when possible.
- Be careful with data you share on social media accounts.
- Enable two-factor authentication (2FA).
- Never open documents or messages from an unknown or suspicious address.
- Use a VPN, if you are browsing on public Wi-Fi.
- Use a secured eCommerce platform.
- SSL and PCI Compliance.
- Use strict policies.
- Ensure customers are using strong passwords.
- Secure data - backup.
Check now and see if your data has already been breached in an online attack by using DynaRisk’s email data breach scanner. This free tool enables web users to check if their data has already been exposed to a historic data breach as well as a current status. This is facilitated and driven by the very high volumes of data that DynaRisk’s Cyber Surveillance team captures from the Dark Web.
Useful links
Why Should You Use A VPN While Shopping Online?
Ecommerce looks to hit £120bn as UK shoppers could spend £10bn more in 2021
Online shopping behavior in the United Kingdom (UK) - statistics & facts
Stay secure
Cyber Surveillance Team