While Black Friday and Cyber Monday are excellent opportunities for consumers to get hold of some great deals, they are also ideal for cyber criminals to execute cyber crimes and scams.

Research shows that global e-commerce fraud is increasing, causing losses amounting to $41 billion in 2022. Later this year, the predicted losses are expected to exceed $48 billion.

The retail industry is the most vulnerable to cyber attacks, seeing a 436% jump in cyber crime, particularly malware attacks.

Email spam campaigns also grow rampant during the holiday shopping season. A report showed that in November 2022, 351,800 emails contained the term “Black Friday,” much more than the emails recorded in the previous month (65,608).

As cyber criminals create new scams ahead of Black Friday and Cyber Monday, now’s the time to brush up on your security best practices so you can shop without worrying about falling victim to an opportunistic attacker.

This article will highlight nine ways you can protect yourself over the holidays.

9 Tips to Protect Yourself From Scams and Fraud on Black Friday and Cyber Monday

Ensure an enjoyable Black Friday and Cyber Monday shopping experience without the risk. Here are nine essential tips to protect yourself from fraud and Cyber Monday and Black Friday scams.

1.  Learn the warning signs of a phishing email and website

Phishing emails are among the most pervasive threats targeting consumers over the holidays. Especially during the festive season, cyber criminals like to create emails that impersonate popular brands.

They use this tactic to trick you into clicking on malware attachments or links to phishing websites. If the phishing attacks are successful, bad actors would then be able to harvest your credentials quickly.

Source: Canarias Horizon

The best way to avoid spear phishing scams is to never click on links or attachments in emails from unknown senders.

You can also help protect yourself by familiarizing yourself with the most common phishing emails, being aware of the signs, and practicing identifying them during phishing simulations.

2.  Set up a multi-factor authentication on your online accounts

One simple step to protect your online accounts is to set up multi-factor authentication (MFA). Having MFA means using two authentication factors to log in: a password and a one-time passcode sent to your email or mobile device.

Using MFA makes your online shopping accounts more secure because even if a fraudster manages to guess your password, they won’t have access to the passcode and cannot break into the account.

While MFA isn’t infallible, it is highly effective, with the ability to block 99.9% of account attacks.

3.  Only shop on secure Wi-Fi networks

While public Wi-Fi is convenient, it’s a haven for bad actors to snoop on other users covertly. When using public Wi-Fi, you’re susceptible to man-in-the-middle attacks that enable hackers to intercept your private data.

Given these threats, it’s important to avoid shopping online and sharing your personal details on public Wi-Fi. If you must use public Wi-Fi, use a VPN to encrypt your data.

4.  Use Strong Passwords

Selecting a strong password is one of the most straightforward steps to protect your online accounts more effectively. Using a strong password will make your password more difficult for cyber criminals to guess or brute force hack.

You can select a strong password by choosing a word or phrase 8 to 9 characters long, with a mixture of uppercase letters, lowercase letters, numbers, and symbols.

Avoid reusing passwords across multiple accounts or using dictionary words, as these are easier to hack.

5.  Use only personal devices for online shopping

If you’re working in the office, it’s important to avoid using company devices to browse for goods (particularly if the device isn’t one you use and maintain daily), as you can put the entire network at risk of a data breach.

By avoiding the temptation to look at Black Friday and Cyber Monday deals in the office, you’ll help keep your organization’s network safer and reduce the amount of traffic on the network.

6. Be careful of sites you trust

Many consumers use the URL padlock or HTTPS prefix in the search bar to check that a site is legitimate. The problem is that many cyber criminals know this and use fake SSL certificates to trick users into thinking the site is safe to browse.

In fact, 83% of phishing websites have SSL certificates.

So, while you can use the URL padlock or HTTPS prefix as a positive sign that a site is secure and legitimate, you can’t rely on it as the only security sign, as attackers routinely fake SSL certificates to make their fake websites appear more credible.

7.  Be wary of deals that sound too good to be true

Be skeptical of emails, websites, or social media posts offering goods at rates below market value. Many fraudsters advertise goods at bargain rates online to trick consumers into handing over their credit card or account details.

You can avoid these threats by only shopping with trusted sellers and being skeptical of any eCommerce stores or individuals offering goods at prices that aren’t competitive in the broader market.

In short, if a site is offering prices significantly lower than major brands, this is a red flag. There’s also the Black Friday express delivery scam or gift card scam you should watch out for.

8.  Update software and security tools regularly

Make sure that the devices you use for online shopping are running the latest versions of their operating systems, security software, and browsers.

Outdated software often has vulnerabilities that cyber criminals can exploit to gain unauthorized access to your accounts and systems.

9.  Educate Yourself About the Latest Scams and Cyber Threats

To protect yourself against cyber threats and scams, you first need to be aware of them. Keep informed of the latest modus operandis targeting online shoppers like you.

With this knowledge, you’ll be able to recognize and ultimately avoid new types of cyber attacks.

Examples of Data Used in Online Shopping

When you shop online, retail platforms use various types of data to help improve your experience and facilitate your online transactions. Here are some of your data that can be retrieved:

  • Personal information, including your name, address, email, and phone number.
  • Payment information, such as PayPal accounts, credit/ debit card details, and other methods.
  • Browsing history and preferences, including search queries, viewed products, purchase history, cookies, and tracking pixels
  • Shipping and delivery data, like your shipping address
  • Device and location data, including your smartphone or laptop’s IP address
  • Analytics data, including your interactions with the site, page views, time spent, and conversion rates
  • Customer support interactions, including chat logs, call recordings, and emails

While these data types are essential for enhancing online shopping experiences, providing them without vigilance can expose you to potential privacy and security risks.

Protect Yourself on Black Friday and Cyber Monday

While cyber crime is rising in the run-up to Black Friday and Cyber Monday, educating yourself on the latest scams and shopping with trusted providers will ensure you don’t get any nasty surprises.

Taking simple steps like selecting a strong password, setting up MFA, and practicing with phishing simulations can go a long way toward protecting you from malicious entities wherever you encounter them.



Want to learn more about protecting yourself from fraudsters this Black Friday and Cyber Monday?

Access the Cyber Security Hub for free.