As the holiday season fast approaches you will be on a race to do all your shopping in time. Online shopping makes the hassle of getting prepared for Christmas easier than ever before. No more shifting through shelves or waiting in queues. Now you can shop in the comfort of your own home. However, this comes at risk because the rising trend of cyber crime. Over the past years there has been a 45% increase of reported shopping fraud(1).

The huge number of shoppers, combined with Black Friday and Cyber Monday rushes, provide cyber criminals the perfect chance to set a scam into action on a wide range of people. They can harvest large amounts of personal information or credit card details from unsuspecting victims.

Fortunately, there are ways to keep yourself safe online and prevent any nasty surprises this Christmas. Here you can find the advice you need to keep your money and personal details safe when shopping online.

Shopping Safely

While you will be looking to find the best deals, you should be wary of crooks trying to lure you in. In 2016 there was an estimated £10 billion loss to individuals as a result of cyber fraud(2), and it is estimated that £16 million was lost due to shopping fraud at Christmas(3).

The most common items used in online fraud at Christmas include popular brands of clothing and makeup, as well as gadgets like iPhones and watches. The newer and more desirable an item is the easier it is for criminals to entice their victims with the promise of a huge discount.

When shopping online you can protect yourself from potential cons by keeping the following advice in mind:

Only purchase from websites with HTTPS in the address. Websites using regular HTTP cannot secure your personal or bank details. HTTPS will encrypt your details when you send them through the website, meaning hackers will not be able to read them. Most browsers, including Chrome and Firefox, will alert you if a website is not secured with a warning in the URL bar. A closed padlock symbol in the URL signifies the website is using HTTPS. Check before making a purchase.

Example of Google Chrome's warning.

Make sure your computer has trusted antivirus software which is constantly updated. These tools can warn you if a website contains security threats. Over 360,000 new malware threats are detected each day(4), so keeping your antivirus updated is vital to staying on top.

If a deal looks too good to be true, it probably is. It is easy for criminals to create authentic looking product images and webpages to make their offers seem more legit. Apply some scepticism when faced with a dream offer. If a website is giving a bigger discount than every other outlet, especially on the latest products, then consider that all is not as it seems.

Buy from trusted retailers as much as possible. If you come across an unfamiliar site, then you should always do research before making any purchases. If you cannot find any information on the seller, then avoid them. When purchasing tickets, always buy them from official sources and not resellers.

Online auctions can net you some bargains, but you should exercise caution. Goods can arrive late or not at all, or the seller might not be truthful about the product they are offering.

Before placing a bid, you should inspect the item and its description carefully. You should also look up the seller’s history and the reviews of previous buyers. If the seller has little history or if people are leaving complaints, then it is best to avoid them.

One way of protecting yourself is to use secure payment methods, such as Paypal. Avoid paying by money transfers as these are not secure. Do not send any confidential or financial information to seller using email.

Avoid Phishing Scams

Phishing scams are ever present online, but extra care should be taken when Christmas shopping, because it is easy for scams to get mixed in with real messages. For example, you may receive emails claiming to be from Amazon, saying that you need to log into your account for whatever reason, with a link included in the email. If you have been making many purchases, then you can expect confirmation and shipping messages. It is easy for phishing emails to hide among the real messages, and you might be more susceptible to trusting them.

Phishing scams prey on your fears to you act without thinking. At Christmas time this might include an important gift getting lost in delivery, or that your account has been compromised.

Phishing scams can be avoided by applying some common sense rules when dealing with emails:

Avoid visiting websites via emailed links as these can be lead to spoofed webpages designed to steal your login details. Instead, visit the actual website from your URL bar or bookmarks to ensure you land on the real site. If your are seriously curious about the message, you can check the links by hovering over them without clicking. A box will appear next to your cursor or in the corner of the browser displaying the true URL address. Do not trust what the link says in the email as these can be faked. For example, an email may claim to link to amazon.com, but hovering over it reveals a seemly unrelated, misspelt, or nonsensical URL.

Check the spelling and grammar of the emails. Any mistakes are a certain sign of fraud. Also beware of vague language. For example, if a message addresses you impersonally, then it is likely a spam email sent out to millions.

Do not interact with any attachments included within the email. These can contain malware that can infect your computer. It can take as much as just clicking on the attachment to become infected.

Some online retailers, such as Amazon, offer package tracking which you can use to view the progress delivery. These should be used over trusting an email warning.

Another common form of phishing is through SMS messages, or smishing. These messages will request you visit a link or calling back on a premium number. The same kind of precautions can protect you. Do not call the numbers or follow the links. If you think the message could be real then visit the website directly and check. Do not trust unsolicited messages in general, even if they appear to come from an official source at first glance.

Browser Plugins and Phone Apps

Browser plugins can potentially be used to find discounts on products online. These plugins inform you of other better prices online whenever you are looking at a product. However, these plugins can also contain unexpected features, such as tracking your movement online.

When looking for plugins, only install them from the official web store of whatever device or browser you are using. Do not download from third party sites. Never follow a pop up advertising a plugin, even if it is advertising what looks like an official plugin. If a website is trying to force you into downloading a plugin then leave immediately.

Plugins and extensions will often ask you to grant them permissions. It is a good idea to check what these permissions are before installing to make sure they are in line with the services the extension claims to offer. If you see anything unusual or unnecessary, then consider avoiding the extension.

By keeping these precautions in mind, you can avoid getting scammed this Christmas and help ensure everything runs smoothly during the festive season.

Refs

1.https://www.moneywise.co.uk/news/2017-12-05/scam-watch-christmas-shopping-fraud-rises-quarter

2.https://www.nao.org.uk/wp-content/uploads/2017/06/Online-Fraud.pdf

3.https://www.bbc.co.uk/news/uk-42085557

4.https://www.infosecurity-magazine.com/news/360k-new-malware-samples-every-day/