The holiday season is coming up and we expect that many will opt to shop online to avoid the big crowds in city centers, malls and stores.
In America, Cyber Monday, the cyber version of shopping day Black Friday, was born in the mid 2000s. Cyber Monday sales have steadily increased since its inception and according to IBM Digital Analytics, sales grew 8.5% in 2014. According to ComScore, purchases are now also being made from smartphones with overall spending from mobile devices in the millions.
Americans aren’t the only ones who have embraced Cyber Monday, many other retailers around the world have come together to offer deals on the Monday after U.S. Thanksgiving and in China, Singles’ Day (November 11th) has become a major ecommerce day with 27,000 online merchants participating in 2014.
This is not only an exciting time for online retailers and online shoppers but also for cyber criminals. I spoke with our senior malware analyst, Jaromír Hořejší about how cybercriminals are preparing for Cyber Monday:
Cybercrooks believe that their attacks are more likely to succeed during the holiday shopping season.
Retailers have been “leaking” special Black Friday deals since before Buffalo got covered in a snow wall, and that flurry of sales results in the annual spike that carries them through the rest of the year. But analysts who study these things warn that cybercrooks are riding the sales wave with a surge in attacks due to relaxed security measures.
The Wall Street Journal quotes Gartner Inc’s vice president Avivah Litan,
Retail transaction volume increases by 50% during the holidays and retailers don’t want to stop to slow the pace of business, so they relax fraud controls to some degree. Criminals know they’re likely to get away with more.
Yikes! That’s not good news for consumers, especially since we are swiping our credit and debit cards at places like Target, The Home Depot, and Neiman Marcus – all victims of point-of-sale terminal hacks this year. Experts have advised retailers to take action, like upgrading terminals with new technology and enabling chip embedded cards, but all that takes time to implement.
It’s not much better online. Attacks during last holiday shopping season, November 14, 2013 through January 9, 2014 increased by 264% over the weeks prior to that time, says security company Imperva.The reason?
Cybercrooks believe that retail applications are more vulnerable during this time of the year, and that attacks are more likely to succeed. Isn’t that what the Gartner analyst said about brick-and-mortar retailers?
The reasoning is similar – in order not to annoy shoppers who can go elsewhere, online retailers relax strict security measures such as step-up authentication and Captcha. Add that easy check-out to all those new Black Friday and CyberMonday quick campaign webpages, (“bad design, unsafe coding, and usage of insecure third-party libraries”) and cybercrooks get an early Christmas present in the form of your credit card number and possible stolen identity.
How to protect yourself during Black Friday
- Stay home on Thursday Celebrate Thanksgiving with your family. That way you can safely eat too much and watch football and movies while avoiding the crazed crowds trying to jump the gun on Black FRIDAY sales.
- In God We Trust, All Others Use Cash Use cash or a credit card when paying for your purchases. With a credit card, you can dispute charges, if your financial data falls into the hands of cybercrooks.
- Change your passwords. Please don’t use the same password for online shopping sites that you use for your bank. When you do it’s like wrapping it in fancy paper and a bow – it’s that easy for a cybercrook to get to.
- Regularly monitor your bank and credit card statements to make sure all the transactions are legitimate. Monitor your credit report for any changes.
Seasonal shopping fever starts with Black Friday and Cyber Monday in a few weeks, but we’ve already seen terrific sales offered online by retailers getting an early start. Every year more people make their purchases online, with the intention of saving time and money and avoiding the crowds. There are, however, some people who love the shopping season for different reasons. These are people we all want to avoid – Cybercrooks. They study our shopping behavior with one thing in mind – to take advantage of us for their own profit. Here are a few tips to lower your risk of falling victim to cybercrooks.
Protect your credit card well
The most important rule is to protect your credit card. While shopping online, the only information you generally need to authenticate a payment are the numbers written on both sides of your card. Along with the PIN code, these are crucial for the security of your banking account. Be very careful who you entrust with them.
- Never let anyone write down your card number or take a photo of it
- Never send those credentials by email, SMS, or tell them over the phone
- Never give your card to a website you do not trust or which does not use a secured (encrypted) connection
- Process your credit card data only from a clean (without malware infection) computer
- Limit the maximum value payable over the internet at your bank
Some of the points mentioned above require in-depth explanation. Let’s take a closer look at them. Read more…
Black Friday offers deep discounts and enticing deals, but holiday shoppers who venture out into the cold, dark night must have brave hearts, steely resolve, and pointed elbows. Far away from the crowds of frenzied shoppers, those of us who prefer to shop online, wearing our fluffy bathrobes and drinking hot chocolate, face our own set of dangers.
Here are some online shopping tips to help you remain safe and secure:
Choosing the Merchant
- Stick with what you know – Use websites that you know are legitimate. If you visit an unfamiliar one, check the avast! WebRep rating to make sure it’s trustworthy. A quick search for reviews, complaints, or scams related to the site will help you too.
- Make sure the site is secure – Look for the closed padlock icon on your browser’s address bar or a URL address that begins with shttp or http. This indicates that the purchase is encrypted or secured. Read more…
Black Friday, the day after Thanksgiving and the busiest shopping day of the year, starts at midnight November 25th with mega-sales running throughout the weekend. Cyber Monday, the online retail equivalent to Black Friday, is the time when many consumers, who didn’t want to fight the crowds over Thanksgiving weekend or failed to find what they were looking for, shop online that Monday from home or work.
“For our US friends especially, this weekend is when retailers, offline and online, offer the best deals of the year,” said Jindrich Kubec, senior virus analyst at the AVAST Virus Lab. “It’s also when cybercriminals become hyperactive with scams and fraudulent offers.”
I love getting a good deal. Buy one-get one free. Double store coupons. Generics as good as or better than the brand name. But some people equate an expensive price tag with a better product – you know, the “You get what you pay for” crowd.
Expensive is not necessarily an indication of quality, and a more expensive item may not be the best buy. AVAST has illustrated that with our award-winning avast! Free Antivirus. The free avast! product has proven it’s better quality again and again against paid-for antivirus products like the ones that come pre-installed on your computer. (Check out our interactive comparison to see for yourself)
Does clipping coupons or using avast! Free Antivirus make me cheap or does it make me frugal? (jump to our quiz at the bottom to find out if you’re cheap or frugal) Read more…