Online shopping has become a dominant theme in everyone’s lives today, ordering everything from basic groceries to expensive gadgets with just the click of a button on the internet. Since the pandemic, around the beginning of 2020, people have been spending more time on e-commerce and online shopping websites. This rush and rise in demand also attract cybercriminals, who cash in on online shoppers by creating fake pages mimicking the biggest retail platforms, e-payment systems and using other phishing tricks.
Cybersecurity company Kaspersky detected more than 40 million phishing attacks around the world targeting e-commerce and e-shopping platforms, as well as banking institutions, during the first ten months of 2021. What can you do to stay safe while shopping online during the holiday, festive season and beyond? Here are some recommendations based on tips from Kaspersky and the UK-based cybersecurity company Sophos.
Always shop from a secure computer or mobile device: If your computer or phone is compromised, then all of the information on it is vulnerable: including your passwords, information like your address and social security number, credit card details, and more. To ensure that you are safe from malware, viruses, and keyloggers, download a reliable antivirus and online security software, which can not only block compromised websites, provide privacy protection and stop unauthorized access to your webcam. You should also avoid shopping on public computers.
Do not open unknown attachments, links in your email: Watch out for spam emails. This is true especially for emails that appear to be from your banks, e-payment apps, or shopping portals. You should be alarmed if the sender insists on it in the email. Also, be wary of any deals that seem too good to be true. It is always better to go to the official website directly and log in to your account from there. Moreover, double-check the format of the URL, the spelling of the company name or the sender’s email. Cybercriminals often make basic grammar and spelling errors while working in a haste. You can always check reviews and check the domain’s registration data before filling out any personal information.
Monitor your credit card, bank statements regularly: Keeping a close watch on your credit card and bank statements can be helpful. If you see any transactions that you don’t recognize, call your bank or credit card company to report it immediately. Likewise, pay attention to any alerts from your bank about suspicious spending, especially this time of year.
Only shop on secure websites: For the most part of 2021, many popular e-commerce websites – the likes of eBay and Alibaba, among others, were used as bait to spread phishing pages. Only use shopping websites that start with “https” instead of just “http”. When you’re on these secure sites, the address bar of your browser should display a lock on the left-hand side. This means the site is using strong TLS/SSL (Transport Layer Security/Secure Sockets Layer) encryption to protect your information.
Stronger passwords: If you are still using weak passwords, like ‘password’, in 2021 or even repeating them for multiple accounts, then you are leaving yourself vulnerable. According to Sophos, strong passwords are an absolute necessity for online security. They’re especially important on sites that let you spend money. Reusing passwords means that a hacker who gets just one of your passwords can access anything else you used that password for. Password managers are helpful too. These programs – check out LastPass, BitWarden and Dashlane – can keep your passwords safe, leaving you with only one ‘master password’ to remember. Next, use multi-factor or two-factor authentication when possible. Multi-factor authentication or MFA verifies your identity through more than one channel. When you log in with your password, for example, you may also get a text to your phone with a one-time passcode to enter. It’s an important extra layer of security.