Cybersecurity tips for Cyber Monday

Our world is so connected and complex these days that it’s harder and harder to keep up with all the potential attacks, malicious software, and cybercriminals targeting our private and financial information. Cyber Monday is just a party day for scammers, hackers and all-around cybercriminals.  

Not just on Cyber Monday, over the holidays, these attacks and scams multiply. I’m going to go over some popular scams and what we can do to protect ourselves.

A scam might start with an e-mail

It might all start with a legitimate looking phishing e-mail with an awesome offer that’s hard to pass up. When we get one of those, if they hit the target for something people are looking for, it might trigger the fear of missing out (FOMO) and anxiety for this offer to expire. You click on it and in the middle of all the emotion, you might not realize this is not a real site, make a purchase and the rest is history.

Scam websites are a problem. These sites are designed to look just like popular online stores and may feature amazing deals from well-known brands but, their real objective is to steal your information. How can you tell the difference between a legitimate website and a scam one? The devil is in the details.

Here are some tips to detect a malicious website:

Copy the URL and paste it into a document. I know it seems low-tech but many scam sites register similar domains to the trusted ones you are used to and our brain has the pesky ability to complete incomplete or misspelled words. So Target.com/shopping/cybermonday can be trget.com /shopping/cybermonday and unless we make the effort to pause and look at it, it’s harder to catch than you might think.

When you receive promotional e-mails, review it carefully and don’t click on the links unless you are confident they are coming from the intended site. Go to the retailer directly and you’ll see the specials listed there so you didn’t miss anything.

Be careful with e-mails that claim your account is compromised or that raise any type of alert and take you to a site to change your credentials or “secure your information”. These are common tactics used by cybercriminals to steal your actual credentials.

Social media can be a problem

If you see a post with amazing offers, huge discounts, vouchers, gift cards or other aggressive holiday promotion, do your homework before you hand your payment information to a site you’ve never heard of. Do a little due diligence, Google the store name, check the about us page and see if they have any legitimate reviews. If it looks too good to be true, you know the rest…

Here are some general tips and rule of thumb principles that will keep you out of trouble:

• Always check the website you are shopping to make sure it’s legitimate. Don’t be swayed by nice-looking or cleanly designed websites, these days they are very easy to set up by just about anyone.
• Do a simple Google search or search the Better Business Bureau for information. Search the name of the business and reviews and you’ll get an idea if they are legitimate or not. In my experience, no business, no matter who you are, has straight 5-star reviews. It’s impossible to please everyone.
• If you feel like investigating more, go to the “About us” page, see if they list any contact information and if they have a phone number, feel free to call it. This will give you a good idea if you are dealing with a legitimate business or a fraudulent site.
• Be careful with entering your credit card information, personal information, social security or any other information by following a link from an email.
• Don’t open attachments from people or organizations you don’t know. If you know them and you didn’t ask for the e-mail, don’t open them either. Their email might be compromised and they might be sending you a virus, a trojan horse or worse.
• Mase sure all your devices from phones, tablets, computer and any other appliance in your house that connects to the internet has the latest software installed.
• Always use an Antivirus and Antispyware software on your computer and make sure it’s up to date. A free version is better than no software at all.
• Always use a credit card to shop online, never a debit card and check the statements to make sure there are no fraudulent transactions.
• Use secure and different passwords for all online stores, I know they are impossible to remember but for that, you can use a password manager like the one that comes with Google Chrome for free.
• Whenever possible, activate two-factor authentication. You know, those pesky text verifications when you are trying to log in. They can be a life saver because it’s harder to compromise your credentials that they may have stolen from a website or your phone. I know it’s annoying but it could save you.

What to do if you are a victim

If you are a victim of any type of online scam, you should report it to the Internet Crime Complaint Center IC3.Gov and contact your bank or credit card company immediately.