Savvy shoppers hunting for a bargain on Black Friday and Cyber Monday often find themselves looking on unfamiliar websites that promise immense discounts. While they may feel confident that the price is right, they can’t be sure the items are authentic, good quality or that they will even arrive after purchase. The risk becomes even more serious when cyber attacks are involved.

When a shopper takes their experience from the high street to the online retail world, they lose a certain amount of control over the transaction. Shoppers are also required to provide a substantial amount of personal data in order to complete the transaction. For this reason, online purchases can cost the shopper a lot more than the price of a fake pair of sunglasses.

It is important to know how cyber-criminals target their victims, what you can do to reduce the risk and make it more challenging for attackers to steal your information, your identity or your money. Follow these tips to minimize the risk of shopping online this Cyber Monday.

1. Avoid unfamiliar retailers

The purge of fake retail apps from the App Store in 2016 reminds us fraudulent retailers can still bypass the Apple App Store’s approvals and pose as a genuine retailer. So a good start is to purchase only from the retailers that you know and trust.

2. Protect your password

Habitual online shoppers visit multiple websites to find the perfect deal, creating accounts all over the internet with their credit card and other personal information. But once a hacker accesses your password from one online store, they can easily break into your other online accounts until they find something of value like bank details or sensitive corporate information. Set up a separate email account for online purchases or make sure you are using password security best practices.

3. Be responsible for your own security settings

Shopping on a desktop and shopping on mobile present similar risks. With mobile data surpassing desktop for the first time recently, retailers should be securing mobile websites and apps with the same standards that they would apply on their desktop websites. But it’s also up to the user to ensure their mobile security settings and OS are up to date and multi-factor authentication is in place where possible.

4. Don’t give too much away

When it’s not required, don’t provide extra personally identifiable information (PII) such a birthday and postal address. You never know where this information will end up. While you may think it’s harmless, this information can be the missing piece of the PII puzzle a cyber criminal needs to access your bank account, your corporate network or reset your passwords to gain access.

5. Look for HTTPS

Wherever possible, make sure the website you’re browsing uses HTTPS in the URL. This ensures that the data transferred between the web browser and the website is encrypted, limiting the ability for a third party to intercept your mobile traffic and capture your credit card details.

6. Don’t complete transactions over public Wi-Fi

It’s not uncommon for cafes and public spaces like airports to offer an open Wi-Fi connection. But how do you know it’s legitimate and secure? Always avoid completing transactions when connected to an open Wi-Fi hotspot.

Learn more about threat prevention

You might hear about the dangerous leaks and mobile attacks that make the news. But your organization might just be vulnerable to other threats right now.

FIND OUT MORE