16th November 2020
Phishing Attacks in UK Surge Posing Unprecedented Risks for Online Holiday Shoppers
Hacky Holidays: Phishing Attacks in UK Surge Posing Unprecedented Risks for Shoppers
Phishing scams are 5x more prevalent than they were last year at this time, with fake Amazon, Tesco, PayPal, DHL and other sites luring people in for cash and identity data
+ UK e-commerce continues to rise and 71% of Brits say they won’t shop in stores this holiday
+ Risk of cyber scams for UK online shoppers in Q4 estimated to be 5x higher than previous years
+ Avira has already spotted numerous phishing scams from Amazon, Tesco, DHL, and more
+ Easy cyber hygiene can help shoppers avoid getting their money or identity stolen
November 16, 2020 (TETTNANG, GERMANY) – While overall retail in the UK plummets, e-commerce is on the rise, with some sectors experiencing years of growth in mere months. Since the initial COVID-19 lockdown last spring, Brits have, not surprisingly, turned to online retail; Tesco doubled its online orders during the peak of the pandemic, Amazon’s global sales were up 37% in Q3 2020 and many other e-commerce shops have reported unprecedented growth. Further, more than 71% of British consumers say they are reluctant to shop in stores this Christmas. With the nation turning to the Internet for their shopping needs, cyber attackers are also filling their carts; in Q3 2020, phishing scams were 5x higher than 2019, and Avira researchers predict a 15% increase in holiday phishing scams on top of the annual 30-40% phishing spike during the season.
“With so many more people shopping online, phishing is a serious threat for the average consumer this Black Friday and holiday shopping season,” said Alexander Vukcevic, Direct of the Avira Protection Labs. “Malware authors are notorious for taking advantage of opportunities, and 2020 has provided a great one for them. We’re already seeing a greater flood of fake online shopping ads that mimic Amazon, and eBay, as well as fake bank and delivery notices from campaigns looking like PayPal, Lloyds Bank and DHL. Cyber attackers are out for money and sometimes identities, so people need to be smarter this season.”
While some cyber attacks are difficult to spot, others are easy to avoid with a trained eye. The following 7 tips can help shoppers stay safe this season:
- Watch out for popular hashtags:attackers tend to use fake accounts to tag users in posts with malicious links, share fraudulent messages, or retweet. To make them more credible, they use popular hashtags such as #blackfriday or #discounts. When looking at hashtagged content, make sure you’re checking the source to ensure it’s a credible one.
- Beware of instant messaging scams:Cybercriminals can gain control of instant messaging accounts by bypassing their rightful owners through phishing or malware keylogging. As soon as you click on a link received in the chat, there is a high probability that you will download malware or land on a fake website. If you get an instant message – think Facebook Messenger, for example – from someone you don’t know, don’t click the link under any circumstance.
- Keep browsers and devices up-to-date:Before you look at offers, the device you use to shop on the Internet should be secured. If an antivirus program is already installed, you should update it to the latest version to take advantage of all available features. Many antivirus programs provide online purchase protection and block malicious websites before they are loaded.
- Be vigilant on unknown sites: It is, of course, safer to shop in larger online shops of already known brands. Of course, supporting smaller businesses is also important, especially during the pandemic. If you choose to shop on a website you’re not familiar with, always check whether the connection to the provider is secured. To do this, look for the padlock icon located to the left of the browser address bar. Additionally, you can check if the URL on the website starts with "https://". The "s" indicates that the Web connection has been encrypted and protected by the SSL certificate. Without HTTPS, information entered can be easily intercepted by hackers.
- Beware of phishing emails:Instead of clicking on links in emails or downloading attachments, it’s safer to access the listed website yourself via the browser to make sure that the offer or any payment requests are genuine. Alternatively, the sender's e-mail address or web address can be checked by hovering over it without clicking on the link.
- Use custom passwords for shopping pages:Once cyber attackers get a password that is used for multiple websites, they can easily access individual accounts. For this reason, it is advisable to use a password manager that can generate and store secure & unique passwords. If you don’t want to use a password manager, at least choose something unique!
- Watch your credit card movements:Cybercriminals know that during Black Friday and the holidays you’re making more credit card purchases – they hope that by dipping into your bank account during this time, the unusual activity will go unnoticed. Many credit card providers or banks now offer push notifications that immediately send an SMS to the mobile phone during a payment process. Thus, unusual purchases can be noticed immediately. Check with your bank to see what type of protection they offer in preparation for the holidays 2020.