Today we want to share some tips for online shopping, as attackers will most likely resort to every possible tactic to trick users into downloading malware, handing over their credit card details, or compromising their devices.
No topic is off-limits, and threat actors have resorted to using everything from PlayStation sales to the supposed cure for COVID-19 and many more lures over the past year and so far this year, so these spam attacks will only increase over the next month as consumers around the world shop online for the holidays.
Adobe Insight’s recent “Holiday Shopping Forecast” predicts that e-commerce spending will exceed $200 billion during the holiday season for the first time in history. The report also specifically warns that there will be supply chain shortages this year due to the pandemic, which will likely force online shoppers into long virtual lines or push them to shop even earlier than usual.
While consumers always need to be diligent during the vacation season, this year’s supply chain issues tied to the COVID-19 pandemic could create even greater challenges and inspire new cyber scams, especially with popular video game consoles and other electronics in short supply. News is likely to move quickly around online shopping scams and cyber attacks starting Thanksgiving week so this should go at least a little way toward keeping you safe while shopping online this season.
Important tips to avoid shopping scams:
- Only download apps from trusted and official stores such as Google Play Store and iOS App Store.
- Look for applications that request suspicious permissions, such as access to your text messages, contacts, stored passwords, and administrative functions.
- Some malicious applications will try to disguise themselves as a legitimate version of the one you might be looking for. Signs of these applications include poor spelling and grammar in application descriptions and interfaces, lack of high-quality performance, and a developer contact using a free email service (such as @gmail.com).
- Avoid clicking on unsolicited emails. Make sure you have subscribed yourself to any marketing emails you receive from retailers before opening them.
- Use a local ad blocker in your browser. These will often block any malicious ad campaigns that aim to capitalize on shoppers looking for bargains.
- Try using payment services such as Google Pay, Samsung Pay, and Apple Pay. These services use tokenization instead of the “Primary Account Number” (your credit card number), which makes your transaction more secure.
- Use complex passwords that are unique to each site. Attackers often reuse passwords to compromise multiple accounts with the same username, use a password manager if you have difficulty creating and remembering strong passwords.
- Manually type the URLs of the sites you want to visit instead of clicking on the links.
