It's that time of the year when the most anticipated and prolific shopping season is upon us. The unofficial start to the Christmas shopping season begins with the coming of Black Friday extending up till Cyber Monday.
Earlier Black Friday was restricted to only those shoppers who willingly queued up in front of their favorite retail stores. Today with the coming of mobile apps and access to several digital mediums, shoppers all over the world can browse through the various discounts being offered on the web while sipping coffee and enjoying the shopping extravaganza.
Consumer Spending over Black Friday Weekend Is Forecast to Grow by 47% Year over Year
A recent holiday survey by RetailMeNot, a leading digital savings destination, showed that this year consumer spending on Black Friday weekend is expected to increase by 47% as compared to the same period last year.
The survey data further revealed that an average of $743 will be spent by consumers this year for the weekend running from Black Friday to Cyber Monday. This figure marks a jump from the average of $505 that was spent last year during the same weekend. It also suggested that '7 in 10 consumers' will indulge in shopping during the Black Friday weekend of this year.
While this time of the year feels like a bliss for the savvy shopper amongst all of us, the ultimate question remains to be asked. Does the convenience of ecommerce come at the cost of security? Is this unlimited access to online shopping at your doorstep - a hackers boon or a shoppers bane?
"Last year, consumers spent $9.36 billion online over the four-day Black Friday weekend, of which $1.2 billion was driven by mobile shopping—and with that number expected to grow this year, threat actors are looking to take advantage. If online retail sales grow at 2016’s year-over-year rate of 16.4%, some $10.8 billion in 2017 holiday shopping revenues could be at risk of diversion and theft. Similarly, $1.6 billion in mobile retail sales could be compromised by year-end if 2016’s 33% year-over-year growth rate continues." - RiskIQ
Last week, RiskIQ released its 2017 Black Friday E-commerce Blacklist report. This report provided an extensive insight into the digital threats against the top 5 e-commerce brands during the Black Friday shopping season. As per the research, they found that in order to fool the consumers into giving up their login credentials as well as their credit card information, threat actors make use of keywords, brand names, and branding of popular e-tailers alongside “Black Friday” in fake apps and other landing pages promoting deals and coupons.
The research findings further include:
- More than 32,000 malicious mobile apps are leveraging the branding of the top-five online retailers. These apps seek to trick shoppers into entering credit card information, giving up Facebook and Gmail credentials, or downloading malware that steals personal information or locks devices until ransoms are paid.
- Malicious apps represent 4% of the 4,356 (1 in 25) total Black Friday-themed apps available in app stores today.
- Each of the top five brands have at least 15 malicious apps available that use their brand name and branding alongside the term “Black Friday.”
- The top-five retail brands leading in e-commerce have had a combined total of more than 1,451 blacklisted URLs that contain their branded terms as well as “Black Friday” and are linked to spam, malware, or phishing.
We also did a similar study of our own and put the top 500 global ecommerce apps in the USA, UK, Australia, Singapore, and India through basic security testing. The global report showed that 95% of global E-commerce apps fail basic security checks.
We hope this comes as a wake call for both businesses and consumers to be aware and proactive towards online security and privacy. To further help we have curated a list of quick cyber security tips for Black Friday and Cyber Monday.
Cyber Security Tips For Black Friday and Cyber Monday
1) Be careful while downloading new apps for shopping, coupons, deals etc.
Ensure that you download mobile apps, be it Android or iOS, from the official app stores of the E-commerce retailer. Before you click on the download button, do check the app permissions and other information that is being asked by the application.
Avoid downloading apps from third-party app stores as threat actors make use of the festive season to create fraudulent apps that look as if they are associated with the real brand.
2) Shop online only through trusted sites with a valid SSL certificate
While you search for your favorite product online or check out on a fantastic deal, ensure that you click on those websites whose site addresses begin with 'https' instead of 'http'.
In the case of a regular HTTP connection the data that is sent between your browser & the E-commerce website you are connected to, will be in plain text and therefore can be read by any hacker looking to trick and exploit you. Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP, where all communications are securely encrypted.
For the implementation of an HTTPS connection, you will need a valid SSL certificate.
3) Enable security alerts for all your financial transactions
There's no such thing as being 100% secure but we can surely give our 100% while being aware and proactive. Like they say 'Prevention is better than cure'. So before you start shopping online, ensure you log on to your net banking and update your profile details while setting up text alerts as well as email alerts for every transaction that you make online.
In doing so you will be alerted in case of fraudulent transactions made through your debit or credit card without your consent.
4) Avoid online shopping using public WiFi networks
Restrict conducting sensitive activities such as making an online payment at ecommerce websites using a public wireless network as they pose a major security threat. These free networks are often a hacker’s paradise due to lack of proactive security.
5) Set up 2-step verification for your online account
In case someone catches hold of your password, a 2-step verification would ensure that they are still unable to log on to your account as an additional code is needed that can only be sent through your mobile phone.
A lot of Ecommerce websites provide the option of setting up an additional 2-step verification. So ensure that you make use of this added security layer.
6) Create unique passwords for your accounts online
Restrict the use of using similar passwords for several accounts instead create unique passwords for multiples websites and ensure that you use a combination of symbols, numbers, and letters while choosing a password. Throw in a mixture of upper and lower case alphabets to make it more strong and unique.
7) Be proactive about protecting your identity and social accounts
Make it a regular affair to keep a track of your financial records and activities of your social accounts for the coming weeks to ensure that there is no unauthorized activity. Also remember to alert your banking officials and even the police if you have any reason to believe that your identity has been compromised.
It's imperative to alert the law enforcement about the threats as soon as they occur as even the banks or insurance companies would require a police report while they conduct their own investigation on those fraudulent transactions.
We hope these 7 cyber security tips for Black Friday and Cyber Monday would help you to have a better shopping experience while keeping you ahead of the security curve. Do let us know in comments if you come across any suspicious or fraudulent activity while browsing through the various holiday deals online.
Stay Safe, Secure & Proactive Always. Happy Thanksgiving to one and all.