When it comes to online shopping, the threat of fraud and online scams is a 365-day-a-year problem.
But just as retailers bombard you with promotional emails at an ever-increasing rate this time of year, so does the risk of running afoul of criminals trying to gain access to your bank account.
With Black Friday sales underway and Christmas looming, Sky News has hired two cybersecurity experts to offer advice on how best to stay safe and avoid scams when shopping online.
spotting dodgy emails
A favorite tactic of fraudsters is to lure you with an email that looks perfectly legitimate, offering what appears to be an exclusive deal at one of your favorite retailers.
As Secureworks’ Mike McLellan puts it, this is “the classic scenario we’d like to see around Black Friday.”
One important thing to note is the domain name of the sender’s email address – does it match up well, but with some deviation? For example, think @amaz0n.co.uk.
“On smartphones, this kind of detail is often hidden,” suggested Mr McClellan. “So click on it and check where the email is coming from.”
You should also watch out for typos and odd formatting.
If you’re at all unsure, it’s best to visit the site directly rather than click any link in the email.
Some scams may direct you to a retailer’s login page to enter your account information.
It might look perfectly normal, and you proceed to enter your username and password, while in the background, criminals capture that information and use it for themselves.
Chris Bluvshtein of VPNOverview says: “Every website should have a valid security certificate, which you can tell by the little padlock icon next to the URL.
“If the website doesn’t have one of these, then don’t give out your bank details or information of value.”
These are probably some of the hardest scams to notice on your own, but banks have gotten pretty good at alerting you to “unusual logins” and flagging any subsequent shady transactions.
“If you suspect that something bad has happened, please consider changing your password,” Mr McClellan said. “And check your bank activity.”
Another classic type of Black Friday scam is a text message saying you’re waiting for a package from DHL, Royal Mail, or another courier.
Mr McClellan said: “Often you expect something when you get these text messages – but again, be on the lookout for anything that doesn’t look normal.”
If the text asks you to pay and includes a link to bit.ly, that’s a good indication that there’s a problem.
You should not click on these.
Password Managers and Mobile Payments
Modern smartphones and web browsers offer some useful built-in features to help you stay safe.
Both have password managers and generators that will give you random options to lock your accounts and then store them behind your master password — or even biometrics like face or fingerprint recognition.
Also consider multi-factor authentication for an extra layer of security, Mr McLellan said.
Apple and Google Pay are great payment options if the retailer accepts them, as they protect your bank details.
“It’s better to use them than a debit card,” Mr Bluvshtein said.
Most Black Friday “deals” aren’t real discounts
avoid shopping on public networks
Black Friday deals often try to lure you in with limited-time deals and alert you via app notifications, text messages, or emails.
If someone arrives while you’re out, you might be tempted to skip right over.
But Mr Bluvshtein said shopping on public Wi-Fi networks, like the ones you might find at train stations and trains, is not a good idea.
“Public Wi-Fi rarely has security protocols, such as passwords, where hackers can steal and steal unsecured banking details and sensitive information without your knowledge,” he said.
What to do if you suspect you have been scammed
Even with the best intentions in the world, there can come moments when you doubt the worst.
But don’t worry — there are steps you can take to limit the damage, or prevent any damage from happening at all.
“Keep an eye on bank accounts and contact them if you notice anything unusual,” Mr McClellan said.
“Banks have very strong controls on fraud these days – that’s why it’s best to use credit cards whenever possible.
“If you think any of your online accounts have been compromised, change your passwords and try not to reuse them between different retailers.
“We do recognize that some of these have technical hurdles for them, but if nothing else, at least keep an eye on what’s going on and be vigilant about your online activity.”