Consumers planning on purchasing their Christmas gifts online could be at risk of losing between US$ 50 and US$ 5,000 per incident. That’s because it’s the season when cybercriminals across the world are on the prowl to fill up their own Christmas “stockings.”
And with the rise in adoption of multiple devices by consumers ─ mobile phones, tablets, laptops, and PCs – online shopping has become more accessible and convenient. Coupled with the fact that more countries have greater bandwidth available to them now than they did in the past, it’s not surprising that 2017 is expected to be the worst year ever when it comes to cybercrime incidents during the festive season.
According to research by Barclays, more than a quarter of all online scams in the UK occur over the Christmas period, while Threat Metrix predicts there’ll be 50 million global cyberattacks over the 2017 holiday season. Specifically, countries with strong fiscal outlooks and high levels of mobile adoption are among those most likely to be targeted. Meanwhile, a quarterly Threat Intelligence Report released last week by NTT Security, reveals that global phishing attacks were up by an alarming 74% in the third quarter of 2017.
Mark Thomas, Security Strategist for global IT group, Dimension Data, says: “Over the next six weeks, we’ll see an increase in email phishing campaigns, ransomware attacks, banking trojans, as well as the emergence of fraudulent websites that promote special deals such as discounted holiday packages. Fraudulent gift cards, which may take you to an untrusted site or allow a download of a file to your computer that could compromise your device, will also become more prevalent.”
Also on cybercriminals’ shopping list are bogus shipping delivery status notifications designed to entice you to click on malicious links, unsolicited emails offerings special deals, and fake receipts for online purchases which prompt you to open attachments containing ransomware.
What cybercriminals want
Thomas says cybercriminals are after two things: an individual’s credit card data which once accessed, they’ll start using to spend your hard-earned cash which could include your annual bonus. In addition, they target your personal identity information such as usernames, passwords, and details on which sites you regularly access. “If a cybercriminal is able to access your credentials, they can use them to impersonate you on multiple sites and online platforms.”
The role of business, retailers, and parents
Businesses need to educate their employees who are connecting to their corporate networks to remain vigilant this festive season. “Providing multi-factor authentication to access corporate systems is another step in the fight against cybercriminals. This makes it more difficult for attackers to compromise your credentials,” he explains and points out that retailers, in particular, should be on high alert as cybercriminals will be looking to take advantage of them over the peak season.
Children, elderly parents, and relatives who are not cyber-savvy need to be educated and protected from becoming victims of cybercrime. “Today, there are parental controls that can be applied on mobile phones – similar to what you have on a TV. Most modern phones automatically come with application verification which allows you to download apps from trusted sources only,” Thomas says.
Top tips for staying safe while shopping online
- Never use public Wi-Fi when making online purchases.
- Never open e-mails, click on links, or open attachments from unfamiliar sources.
- Ensure you download legitimate applications from known, trusted sources onto your devices.
- Never share your usernames, passwords, or other personal information online.
- Use a password management system which allows you to securely store and manage all your credentials from a single location.
- Be wary of unsolicited emails that promise exciting offers, and don’t open the attachments.
- Look out for the visible padlock icon on your browser to confirm encryption. This means the website you’re purchasing goods from is a secure, trusted merchant.
- Use your credit card rather than debit card, and don’t store your card details online.
- Ensure that your anti-virus and operating system patches on your mobile, tablet, laptop,
and PC are up to date.
- Check your bank statements often and immediately report unauthorized or suspicious charges to your bank.