While Black Friday and Cyber Monday are excellent opportunities for consumers to get hold of some great deals, they are also ideal for cyber criminals to innovate new scams. Unsuspecting consumers can be lured in with bargain prices, which can lead to hackers stealing their information.

Research shows that online payment fraud increased by 208% between September and October 2021, increasing from 627,560 phishing attacks to 1,935,905. The same research detected 221,745 emails that contained the words ‘Black Friday’ between October 27th to November 19th.

As cyber criminals create new scams ahead of Black Friday, now’s the time to brush up on your security best practices so that you shop safely without worrying about falling victim to an opportunistic attacker. This article will highlight seven ways you can protect yourself over the holidays.

1.  Beware of phishing emails

Phishing emails are one of the most pervasive threats targeting consumers over the holidays. During the festive season, cyber criminals like to create emails that impersonate popular brands and use this tactic to trick users into clicking on malware attachments or links to phishing websites. If the attacks are successful, bad actors can harvest their credentials.

The best way to avoid phishing scams is to never click on links or attachments in emails from unknown senders. You can also help protect yourself against phishing emails by familiarizing yourself with the most common phishing emails and practicing identifying them during phishing simulations.

2.  Set up Multi-factor authentication on your online accounts

One simple step you can take to protect your online accounts is to set up multi-factor authentication (MFA). MFA will mean that you have to use two authentication factors to log in; a password and a code sent to your personal email or mobile device.

Using MFA makes your online shopping accounts more secure because even if a fraudster manages to guess your password, they won’t have access to the passcode and will be unable to break into the account. While MFA isn’t infallible, it is highly effective, with the ability to block 99.9% of account attacks.

3.  Avoid using Public Wi-Fi

While public Wi-Fi is convenient, it’s a haven for bad actors to snoop on other users covertly. When using public Wi-Fi, you’re susceptible to man-in-the-middle attacks that enable hackers to intercept your private data.

Given these threats, it’s important to avoid shopping online and sharing your personal details on Public Wi-Fi, whether that’s in-store, in an Internet cafe, public coworking space, or an airport. If you must use public Wi-Fi, then use a VPN to encrypt your data.

4.  Use Strong Passwords

One of the most straightforward steps you can take to protect your online accounts more effectively is to select a strong password. Using a strong password will make your password more difficult for cyber criminals to guess or brute force hack.

You can select a strong password by choosing a password that’s 8 to 9 characters long, with a mixture of uppercase letters, lowercase letters, numbers, and symbols. Avoid reusing passwords across multiple accounts or using dictionary words, as these are easier to hack.

5.  Avoid using work devices for online shopping

If you’re working in the office, then it’s important to avoid using company devices to browse for goods (particularly if the device isn’t one you use and maintain daily) as you can put the entire network at risk of a data breach.

By avoiding the temptation to look at Black Friday deals in the office, you’ll help keep your organization’s network safer and reduce the amount of traffic on the network.

6.  Don’t automatically trust sites with the URL padlock and Https prefix

Many consumers use the URL padlock or HTTPS prefix in the search bar to check that a site is legitimate. The problem is that many cyber criminals use fake SSL certificates to get those symbols and trick users into thinking the site is safe to browse on. In fact, 74% of phishing websites have SSL certificates.

So while you can use the URL padlock or HTTPS prefix as a positive sign that a site is secure and legitimate, you can’t rely on it as the only security sign, as attackers routinely fake SSL certificates to make their phishing sites appear more credible.

7.  If a deal sounds too good to be true, it probably is

Finally, be skeptical of any emails, websites, or social media posts that offer goods at rates that are below market values. Many fraudsters will advertise goods at bargain rates online to trick consumers into handing over their credit card or account details.

You can avoid these threats through a combination of only shopping with trusted sellers and being skeptical of any eCommerce stores or individuals offering goods at prices that aren’t competitive in the wider market.

In short, if a site is offering prices significantly lower than major brands, this is a red flag.


While cyber crime is on the rise in the run-up to Black Friday, educating yourself on the latest scams and shopping with trusted providers will make sure that you don’t get any nasty surprises. With that peace of mind, you can take advantage of unmissable offers without falling victim to fraud or identity theft.

Taking simple steps like selecting a strong password, setting up MFA, and practicing phishing simulations can go a long way toward protecting you from malicious entities wherever you encounter them.

Want to find out more about how to protect yourself from fraudsters this Black Friday? Contact us today.



Cybersecurity Hub

Cyber Security Hub: Access Exclusive Cyber Security Content

Take advantage of our free Cyber Security Hub – it is your one-stop cyber security awareness and knowledge center with one-click access to our COVID-19 Kit, Work From Home Kit, Password Kit, Phishing Kit and more.