Better Cyber safe than sorry! 5+1 tips for Black Friday madness

Better Cyber safe than sorry! 5+1 tips for Black Friday madness

With Black Friday (and Cyber Monday) just around the corner, threat actors are rubbing their hands together.

Chances are you have at least one contact who’s been hacked at least once, either to their knowledge or not. This includes malicious acts, from the theft of their social media accounts to the exposure of their banking details. And chances are that one or more of your personal data sets will, sooner or later, be involved in a future data breach.

This is just a fact that we must live with in the age of digital transformation when technological applications, and the novel threats that come with them, emerge faster than we can adapt.

During the shopping season just before Christmas, most of us engage in a spending spree. Between the holidays, new year, family gatherings, annual bonuses, and the consistent advertising bombardments coupled with spending-provoking holiday music, we simply spend more than usual. Our email inboxes flood with Black Friday offers, and our browser ad banners flash with Cyber Monday deals that tempt even the most reserved of shoppers.

Just before Black Friday and the subsequent Cyber Monday, holiday specials overwhelm us, and it’s easy to lose focus. In a state of confusion, we run the risk of making an online transaction that turns out to be dodgy and fraudulent. This is why cybercrime activity tends to skyrocket during these times of vibrant spending activity.

Here are 5+1 online Black Friday safety tips to keep in mind

1. Be careful which emails you open

Most cyberattacks are initiated by phishing, which refers to email messages containing malicious links and/or attachments. You must be aware that cybercriminals wanting to deceive you into falling for their phishing scams will want to seduce you with hard-to-resist subject lines or too-good-to-be-true offers. Be extra sceptical of unsolicited emails containing offers. If the email is from an unknown sender, delete it right away. If you are unsure, and you want to check out the offer, you can always visit their website directly instead of clicking on any link contained within the email. This way you reduce the probability of you falling victim to a phishing attack.


2. Be careful which links you click on

Links are not always disseminated via email. You may get a suspiciously long link via a friend’s hacked social media account, click on it, and before you know it, your device is infected with who knows what. You can potentially find malicious links through social media posts, SMS, websites and even web advertisements, all of which are swarming with Black Friday and Cyber Monday themed content, designed to grasp your attention and dazzle you. If a link looks too long, too unfamiliar or just too weird, do not click on it. Better safe than sorry.


3. Be careful of which websites you shop from

Using your credit card details on an insecure or fake malicious website is the quickest way to get robbed. With so many offers that are hard to pass, many people are willing to risk using their card to get a hold of that limited offer. With the advent of dropshipping in recent years, everyone and anyone can now have an online shop. What’s shocking is that a lot of online shops these days tend to have a very short lifecycle, with the aim of making a few quick bucks with little regard to quality of service, and then close shop until their next rebrand. Even if they are not a scam website, who’s to say their website processes your personal information securely? If you have to order online, make sure that you order from trusted well-known websites. Word of mouth works best, because people’s direct experiences and reviews are the gold standard of trustworthiness. If you are not sure whether a website is secure or not, but you are still willing to try, you can always create a virtual debit card with just enough money in it to buy what you want.


4. Never shop over a public WiFi

Most of us in 2021 spend more time using our smartphone rather than our computer for our social media consumption and shopping. Since using WiFi is an inevitability, public WiFi is something you want to avoid when inputting your personal data and bank account details to make a purchase online. This is because WiFi enables Man-In-The-Middle attacks that are much easier to accomplish when your device is connected to a WiFi network of which you’re not in control. This kind of cyberattack allows threat actors to eavesdrop on your communications, and this gives them the capability to discern your bank details, which they can then use for whatever purpose they see fit. If you have to use a public WiFi, at least make sure you use a trusted VPN service that encrypts all your communication end to end, this way rendering Man-In-The-Middle attacks irrelevant.


5. Change your passwords

One or more of your accounts and their passwords might already have been leaked in a data breach without being exploited yet. Threat actors may be waiting for the shopping season to come around in hopes that you will not notice them using your accounts or card details to do the things they do. Just before this season, this may be the best time for you to change your password, in case they were exposed in a recent data breach. It is generally advised that you change your passwords regularly, but most of us don’t, since we have so many, and keeping them up to date regularly would be a truly laborious and frustrating task. But, if you must do it once a year, just before holiday season is the best time for it.


6. Monitor your bank statements

Sometimes, you can do everything right and still be the victim of data theft. Maybe a website is breached and your stored card details are leaked. This happens more often that most think, with even the largest online retailers and service providers falling victim again and again to data breaches exposing sensitive customer information. By regularly checking your bank account activity, you can spot unknown and suspicious activity potentially by criminals who have somehow stolen your bank details.