12 steps to ruin a cybercriminal's day

The holiday shopping season has begun. It involves a few weeks of consumer chaos as we rush to take advantage of bargains and buy gifts for friends and family.

Despite the rising cost of living, Deloitte predicts 10% to 13% increase in e-commerce for the 2023 holiday season in the US compared to the same period in 2022. That's over $1,5 trillion, and as much in Europe, with its big online market, and the UK.

Discover more articles in search results.

iGuRu.gr preferred source

"But it's not just the shops that are after your money, it's also cybercriminals" warns Phil Muncaster from the team at global digital security company ESET and suggests we take a minute to look at the most common cyber scams and threats and how to stay safe when shopping

What is the risk when shopping online?

Global e-commerce is on fire. The market is expected to grow at a compound annual growth rate (CAGR) of 12% during 2021-25 and surpass $8,5 trillion by 2025. With so much money, it's no surprise that fraudsters and fraudsters they are ready for action. And they are even more ready during festive seasons, such as the Christmas season, when it is easier to hide fraud in the rush of purchases and when shoppers can be abstracted.

So what do fraudsters crave? Your money and/or personal information, such as login codes to relevant accounts, which can then be sold to other criminals involved in identity fraud, says ESET's Muncaster and gives us a brief overview of some of the most common threats to watch out for during the holiday season.

• Fake sellers: They operate on legitimate websites such as Facebook Marketplace and attract buyers by listing products in high demand at outrageously low prices. They can also create fake reviews for their "store" in order to give it legitimacy. Users are asked to pay through instant payment apps like Zelle, Venmo or Cash App. But they never receive their order because it was all a scam.
• Account takeover (Account takeover – ATO): Cybercriminals are always looking for ways to compromise customer accounts. This is because they can use the stored cards to make purchases, or otherwise find personal information on the accounts that can be sold to others. The most common way to take over an account is through stolen logins. Sometimes scammers use login codes obtained from other websites (via a data breach), which victims use on several different accounts. This method is known as credential stuffing.
• Fake online stores: This threat is similar to the threat of fake sellers. But here the criminals go a step further to make the shop look more legitimate. Fraudsters will falsify the website of a merchant or a well-known product company. Not only will victims not receive their item or possibly be sent a counterfeit version, but fraudsters will also record the card details for future fraud.
• Fake apps (apps) sales: These apps are often trafficked to unofficial third-party app stores or phishing websites. Users may end up there after clicking on a fake link on social media or via email.
• Electronic fishing (Phishing): It's still one of the most popular ways for fraudsters to obtain personal and financial information, which can then be used in identity fraud, such as buying things or applying for loans in your name. Fake emails, social media messages or text messages are designed to appear to be sent by a known company.
• Fake Gift Cards: Bait is an enticing offer of a gift card that you will receive for free or at a significantly reduced price compared to its face value. However, clicking on the link included in the email or text message to claim your gift card may result in malware being installed on your device, your personal data compromised, or a stolen gift card being sent.

This is also the time of year when you may receive fake messages from courier companies asking you for information or to pay money for "taxes" or "customs" charges. You may have ordered so much online that it's hard to keep track of your actual orders. Sometimes, by clicking a link, you install malware designed to flood your screen with ads or steal personal/financial information.

12 ways to be safe when shopping online

With the above in mind, here are 12 tips from the ESET expert to stay safe – one for every christmas day:

1. Make sure your computer and mobile phone are protected with security software from a trusted provider. This will go a long way in preventing the damage that information theft and other malware can cause.
2. Always use strong and unique passwords on all accounts (via a password manager) and enable two-factor authentication (2FA). This will help mitigate the risk of password theft and account hijacking.
3. Beware of too good deals. If an offer seems too good to be true, it probably isn't.
4. Always use secure websites for any purchases. Look for the padlock in the browser bar and the HTTPS address. This will limit the opportunity for hackers to intercept your communications and steal your card information.
5. Check your bank and credit card accounts regularly during the shopping period and contact your bank immediately if any transaction looks suspicious.
6. Try to only shop from companies you trust. If you haven't heard of one before, do some research on it first – try Googling the name plus “scam” or “fraud” and check customer reviews to gauge the her reputation.
7. If you're buying from an online marketplace, always pay by credit card (as there's more buyer protection this way) or consider using a single-use virtual card for purchases.
8. Download mobile apps only from trusted sources i.e. App Store and Google Play.
9. Never buy items or log into accounts (especially your bank account) when connected to public Wi-Fi. Use a virtual private network (VPN) in those cases, if you absolutely must grab an opportunity while not using your home network or mobile data plan.
10. If you receive an unexpected email or text message, think twice before clicking on it. Contact the sender if possible (but not by replying to the message).
11. Consider shopping as a guest when shopping online. If you store your information, there is always a chance that it could end up in the hands of a cybercriminal if the company's systems are breached.
12. Do not click on pop-up ads, even if they offer great shopping opportunities, as the ads may be malicious.

Follow these simple steps to have more peace of mind. Now the biggest risk you will face will be…spending more than you intended this holiday season.

Happy and safe online shopping!

newsbot

Although the press releases will range from very select to rare, I said I'd pass...because sometimes the editors hide.