This year, the majority of consumers will be shopping online during the holiday season, with many planning on spending more this year compared to other years. The holiday season typically sees a spike in online activity, with the busiest days being between Black Friday and Cyber Monday.
However, with more consumers planning to do their shopping online, experts are seeing a surge in malicious cyber activity targeting unsuspecting consumers, including small businesses that are not prepared with the necessary cybersecurity infrastructure.
The holiday season tends to see a peak in online-related crime, with at least 48 percent of people saying that they have been scammed while shopping online during the holidays. A further 53 percent have said that they are most concerned about shopping scams during peak holiday sales events, including Black Friday and Cyber Monday.
Elsewhere, a national survey by the American Association for Retired Persons (AARP) found a majority of people – eighty-two percent – have encountered some form of fraudulent activity while browsing online. Anything goes, from deceptive advertising, fake shipment notification requests, and even fraudulent charities, according to the survey.
During this time of the year, personal safety should take precedence. Online scams have become increasingly sophisticated, and being informed about the potential dangers of these cyber threats can save you time and money.
What to look out for?
The holiday season sees malicious actors take advantage of holiday-related activities, including things such as online shopping, bargain hunting, and even fake seasonal job advertisements.
Online scams have blended into our everyday lives, and without even knowing, you or someone close to you might encounter a scam or scammer at any given moment. Knowing what to look out for is part of keeping yourself safe this holiday season.
Package Delivery Scams
One type of scam that has taken flight in recent years, and more so around the holiday season is package delivery scams. Fraudsters will send a text message, or an email, acting as a delivery service, and requesting you to click a link in the message to update a delivery address or to track the parcel.
This common scam often catches people off guard, seeing as most people shopping online will be awaiting communication regarding their orders. However, these messages are immensely deceptive, and clicking the link, and sometimes just opening the message can result in your digital device being infected with malware.
Coupon or Gift Card Scams
During the holidays, a gift card can be purchased from any business that provides such services. However, a ploy that some fraudsters might use is creating fake e-mail accounts, and targeting people with misleading advertisements surrounding gift card purchases or deals.
For instance, an advertisement might offer shoppers a free gift card, however, it requests that you enter a load of personal information before you can gain access to the gift card. Other ploys include paying for multiple gift cards upfront or requiring you to send a chain email to multiple people before you can access the gift card.
Missed Delivery Scam
Are you waiting for a delivery to arrive? Fraudsters create fake package delivery accounts to trick people into handing over personal information.
For example, a person waiting to have a package delivered might receive a text message saying that an order cannot be processed until a certain number of requirements have been completed. The message will include a link, and use persuasive language to force people into opening the link or completing a fake form.
This type of scam is readily used, and fraudsters will impersonate delivery service agents, acting on behalf of the delivery service, or even the company where an order has been placed.
Fake Job Advertisements
Last year, fake job advertisements surged by more than 118 percent, the majority created through the use of artificial intelligence (AI). Posting a fake job advertisement is a common scam to obtain people’s personal information.
During the holiday period, many people may be looking to change jobs, or even take up part-time work. This leaves plenty of opportunity for scammers to post fake job adverts, for existing and non-existing companies. This allows scammers to trick people into handing over their personal information.
Social Media Scams
Be aware of the many social media scams floating around this time of the year. Fraudsters will make use of social media to attract unsuspecting users, usually through misleading surveys that promise gift cards, free products and services, or a series of convoluted questions to obtain a person’s personal information.
Make sure that the people you follow on all social media platforms are verified or vetted users that you can trust. More than this, never share personal information via a survey or form on social media, unless it’s for a company or person that is reliable and has been vetted.
Who is most at risk?
For scammers, everyone is a target. Fraudulent activity is directed to target the most vulnerable people, however, there are instances where even those most equipped with the ability to identify scams can fall victim to these bad actors.
Those that are most at risk of falling for online scams, or fraud-related activities may include:
Weak security settings: People who have weak passwords, use the same password across multiple devices or accounts, or do not have appropriate security infrastructure on their devices.
Unaware of online scams: Individuals that have not been properly informed about online scams, and what these scams may look like.
Easily influenced: Online users are influenced by online content and information. It’s important to do proper research before making an online purchase or interacting with any business, person, or organization online.
Inexperienced users: Individuals that have had limited exposure to online communities, and other internet-related activities such as using social media, e-mail accounts, or digital devices.
Unsecured devices or network connections: Those who ignore the importance of securing devices or installing a security system for network connections may increase their risk of exposing their personal information.
Vulnerable groups: Individuals from low-income, disadvantaged backgrounds, socially vulnerable, or socially disadvantaged individuals may be more susceptible to becoming easier targets for online scammers.
Inadequate access to resources: Individuals who have limited access to the proper guidance or resources to equip themselves with the tools or knowledge required to identify possible scams or fraudulent activity. For instance, a small business with limited financial capital to train employees on cyber safety protocols, or does not implement a cybersecurity policy.
What to do to Protect yourself?
Keeping yourself safe and secure this holiday season means being aware of the risks that you might encounter while online shopping. Having precautions will ensure that you mitigate your risks of exposing yourself to fraudulent activities, and keeping yourself and your personal information safe.
Avoid unrecognized messages
Phishing scams are a way to target online users and are usually included as a link via a message or email. Avoid clicking any links that you are not familiar with, this includes visiting online websites which you have not used before.
This is not to say that every message or email you receive this holiday season contains a malicious link. Be aware of the accounts that you interact with online, and should you receive unidentified communications from a company or person you have not recently interacted with, try to delete the message or block the contact.
Ignore spam email
In 2023, around 45.6% of all emails sent were identified as spam. On average, more than 160 billion spam emails are sent per day. Scammers may use email as a form of communication, often embedding malicious links into these messages.
Avoid opening any email that you do not recognize or have been sent from an unidentified individual or company. Fraudsters may use the name of another company or person as a front, and to trick people into clicking links that may lead to malicious websites.
One way to identify these types of emails is the account from which it’s been sent. Most companies will have a dedicated email domain or handle they use for all customer communication. Make sure to verify these email addresses with the company before any further contact.
Shop via Apps
Where possible, make use of shopping applications to complete transactions. Many shopping apps will contain the necessary security measures to safeguard your personal and banking details.
In addition to shopping on an app, make sure to remove any personal or banking details once a transaction has been completed. Ensure that your digital wallet is secured or encrypted, and activate multi-factor authentication on your wallet to complete transactions.
You may want to add biometric security features such as fingerprint, facial recognition, or passwords on apps that contain banking information. Minimize how much information you share on an app, and once a transaction has been completed, remove any banking details you may have used.
Use Strong Passwords
Globally, three in four people do not adhere to widely accepted password best practices. In addition to this, around sixty-four percent of users either have too weak passwords or repeat the same password across multiple accounts.
In 2023, a study by Verizon revealed that eighty-one percent of data breaches occur due to stolen or weak passwords.
Having a strong, and encrypted password is one of the most important ways to protect yourself and any personal information. Make sure to create a sophisticated, and complex password that makes use of various characters, letters, and numbers.
More than this, try to avoid using your name, cellphone number, or birth date as part of your password. Try not to make use of the same password across multiple accounts. You can use a password manager application to keep all of your passwords secure in one place.
The more secure your passwords are, the better you will protect your personal information or online accounts.
Avoid Public Wi-Fi Networks
Around 20 percent of U.S. adults make use of public wifi to complete financial transactions. In addition to this, roughly 21 percent of adults will use a public wifi connection to work remotely.
The dangers of using public wifi are not widely shared, however, in more recent years, experts have warned that using a public network connection can place individuals at risk of exposing personal information to malicious actors.
To minimize these dangers, avoid using a public wifi network that does not have a password. Avoid completing transactions, sending sensitive information, or sharing personal details while using a public wifi network.
To protect yourself, always make use of cybersecurity, such as a Virtual Private Network (VPN). A VPN allows you to encrypt all your data or information and creates an additional layer of security between you and any unknown actors.
Use a secure digital wallet
Nowadays, it’s become increasingly convenient to complete online transactions using a digital wallet such as Apple Pay, Google Wallet, Cash App, or Venmo. Digital wallets typically contain a virtual card that is directly linked to your bank account and can be installed on a mobile device.
These cards enable you to pay or transact without having to use a physical bank card and allow for more seamless transactions online. However, not all digital wallets may contain the necessary encryption and lack valuable security features.
Instead, security measures such as multi-factor authentication or biometric measures should be activated to approve any transaction. This will enable better security, and minimize potential malicious activity taking place on your account without your prior consent.
Use reliable websites
When shopping online this holiday season, make use of reliable and verified websites for online transactions. To check whether a website is legit, you can do the following:
- Make use of trusted cybersecurity systems.
- Verify the company’s website via their social media.
- Double-check website authenticity with a Google Transparency Report.
- Review website or company information, including contact details.
- Analyze the website’s presence, including content, photographs, and grammar.
- Check for a padlock in the URL bar.
- Verify the company reviews online and on social media.
Along with this, it’s advised to shop on websites you are familiar with or have used in the past. When completing a transaction, ensure that the website makes use of digital security to encrypt financial transactions.
Update Cybersecurity Software
Try to update your cybersecurity infrastructure or conduct a security audit on all your devices. Using updated security software will ensure that the appropriate security measures are in place, potentially minimizing the threat of fraudsters. Newer software will have better security features and can include a variety of features to help protect your devices, web browser, and other platforms that you regularly make use of.
Trust your instinct
Should you ever come across a website, email, or social media advert, and you are questioning the authenticity of the message, always trust your instincts. If you feel that a website is requesting too much personal information to complete a transaction, or does not meet your digital security requirements, it’s best to switch over to a different browser or website. Remember, if something is too good to be true, it probably is.
Finishing thoughts
This year when shopping online, remain vigilant of potential scams. Minimize sharing personal information with unknown entities. In addition, ensure that you make use of appropriate cybersecurity infrastructure to protect your personal information, devices, and browsing activity. This practical advice will help you remain safe, and protect your data while shopping online this holiday season.