In order to push people to buy online, Cyber Monday is the biggest online sales day in a whole year. However, criminals know that you’ll be looking for those perfect holiday gifts with Black Friday and Cyber Monday deals in mind.
Criminals rely on you to “click before you think” when browsing the hoard of online discounts and holiday sales. Without the proper preventative measures put in place, Cyber Monday can leave you extremely vulnerable to various identity crime tactics and scams.
Laura Bruck, from EZShield Fraud Protection, takes a look at some common scams that target you, the consumer, and how to secure your information for Cyber Monday 2017.
Identity Thieves LOVE the Holidays
It’s no secret that retail holidays like Black Friday and Cyber Monday are also major cybercrime holidays. Security experts have noted that cybercrime in general spikes significantly during the holiday season.
Research confirms what identity thieves already assume: most consumers prefer to shop online. DomainTools found that 92 percent of U.S. consumers shop online – and almost half of all consumers plan to shop online for Cyber Monday 2017.
Why We Keep Falling for Online Scams
Identity thieves typically use two common methods to target consumers for their personal and financial data. Let’s explore how emails and spoofed websites can be used for retail holiday scams.
1) Spoofed Websites
Spoofed websites – also sometimes called phishing sites – are extremely common during the holiday season. In fact, the Anti-Phishing Working Group (APWG) found 119,000 unique phishing sites impersonating over 300 different brands in November 2016.
Criminals set up fake websites to steal your personal information. These sites will often replicate well-known companies like Target, Amazon or Walmart to further convince you of their legitimacy. In short, criminals hope that you trust the site enough to provide sensitive information like Social Security numbers, credit and debit card information and other personal data.
You may visit a page that visually looks familiar. But spoofed websites will have URL links that do not align with a company’s official website. While some may be easy to spot, more sophisticated criminals can create URLs that closely mirror legitimate sites. Because of the fast-paced nature of holiday shopping, criminals hope you’re too fixated on that too-good-to-be-true deal than notice whether the site is legitimate.
2) Phishing and Spam Emails
Phishing emails go hand-in-hand with spoofed websites, also aiming to impersonate well-known companies that are familiar to you. Spam emails can also contain harmful software, or malware, disguised as links or attachments within the email itself.
Like spoofed websites, phishing emails want to convince you to trust them – or at least trust them enough to give up your personal information. They work in concert with spoofed websites because they often act as ways to send victims to the fake sites.
Spam emails, on the other hand, may have a different purpose. The malware often found within these messages can either be unknowingly embedded or misrepresented as a link or attachment within the email. Different types of malware carry out different functions. Sometimes malware is meant to leave a device more vulnerable for future cyberattacks. Other malware can be used to remotely control or view information on the device itself.
Cyber Monday 2017 ID Protection Tips
Since Cyber Monday is still an effective way to find great holiday deals, use these tips to keep your information safe from identity thieves this year:
- Avoid downloading or “redeeming” coupons, promotional or discount codes from emails and pop-ups. These are often used to convince you to click or download malicious software to your device.
- Be wary of deals you find on social media websites or search engines. Sophisticated cybercriminals can manipulate spoofed sites to show up in search engine results or social media ads.
- Double check deals on the company’s official website to determine if coupons or promo discounts are legitimate. If the deals don’t match, it’s more than likely a phishing or spam email.
- As always, never provide login, personal or financial information on unsecured sites. Look for “https://” at the beginning of the web address and the green lock next to it to ensure you’re visiting a secured site.
This post originally appeared on: www.business2community.com