16th November 2020

“With so many more people shopping online, phishing is a serious threat for the average consumer this Black Friday and holiday shopping season,” said Alexander Vukcevic, Direct of the Avira Protection Labs. “Malware authors are notorious for taking advantage of opportunities, and 2020 has provided a great one for them. We’re already seeing a greater flood of fake online shopping ads that mimic Amazon, and eBay, as well as fake bank and delivery notices from campaigns looking like PayPal, Lloyds Bank and DHL. Cyber attackers are out for money and sometimes identities, so people need to be smarter this season.”

While some cyber attacks are difficult to spot, others are easy to avoid with a trained eye. The following 7 tips can help shoppers stay safe this season:

1. Watch out for popular hashtags:attackers tend to use fake accounts to tag users in posts with malicious links, share fraudulent messages, or retweet. To make them more credible, they use popular hashtags such as #blackfriday or #discounts. When looking at hashtagged content, make sure you’re checking the source to ensure it’s a credible one.

2. Beware of instant messaging scams:Cybercriminals can gain control of instant messaging accounts by bypassing their rightful owners through phishing or malware keylogging. As soon as you click on a link received in the chat, there is a high probability that you will download malware or land on a fake website. If you get an instant message – think Facebook Messenger, for example – from someone you don’t know, don’t click the link under any circumstance.

3. Keep browsers and devices up-to-date:Before you look at offers, the device you use to shop on the Internet should be secured. If an antivirus program is already installed, you should update it to the latest version to take advantage of all available features. Many antivirus programs provide online purchase protection and block malicious websites before they are loaded.

4. Be vigilant on unknown sites: It is, of course, safer to shop in larger online shops of already known brands. Of course, supporting smaller businesses is also important, especially during the pandemic. If you choose to shop on a website you’re not familiar with, always check whether the connection to the provider is secured. To do this, look for the padlock icon located to the left of the browser address bar. Additionally, you can check if the URL on the website starts with "https://".  The  "s" indicates that the Web connection has been encrypted and protected by the SSL certificate. Without HTTPS, information entered can be easily intercepted by hackers.

5. Beware of phishing emails:Instead of clicking on links in emails or downloading attachments, it’s safer to access the listed website yourself via the browser to make sure that the offer or any payment requests are genuine.  Alternatively, the sender's e-mail address or web address can be checked by hovering over it without clicking on the link.  

6. Use custom passwords for shopping pages:Once cyber attackers get a password that is used for multiple websites, they can easily access individual accounts. For this reason, it is advisable to use a password manager that can generate and store secure & unique passwords. If you don’t want to use a password manager, at least choose something unique!

7. Watch your credit card movements:Cybercriminals know that during Black Friday and the holidays you’re making more credit card purchases – they hope that by dipping into your bank account during this time, the unusual activity will go unnoticed. Many credit card providers or banks now offer push notifications that immediately send an SMS to the mobile phone during a payment process. Thus, unusual purchases can be noticed immediately. Check with your bank to see what type of protection they offer in preparation for the holidays 2020.