IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Tips to Avoid Holiday Shopping Scams Online

Another Cyber Monday, and more online sales records will be set. What can you do to protect yourself at home and work?

img1417435642-34
We have reached another Cyber Monday, with experts reporting that this holiday weekend is breaking all previous records for online shopping. Early projections were that online purchases would account for 44% of total Christmas sales this year.

Many online sales are going on all week, with free shipping and big discounts. In fact, some ads are promoting an all new "Cyber Week." And yet, shoppers need to take precautions as they surf for deals online.

Time Magazine described how protests and more did not stop shoppers on Black Friday:

Despite protests against Walmart and a national backlash over stores opening for customers on Thanksgiving day, this year’s Black Friday sales hit record-highs both in stores and online.

A record-breaking $1 billion was spent online on Thanksgiving day, according to an analysis by Adobe Systems, which examined 180 million visits to more than 1,000 retail sites. Sales on eBay.com shot up 35% through noon EST compared to the same time last year on Black Friday.

Fifteen thousand people shopped at the Macy’s flagship store on Thanksgiving Day, and Black Friday sales for Amazon UK was the busiest sales day on record.

According to IBM Digital Analytics and USA Today,

Thanksgiving Day website sales jumped 14.3% over 2013. Sales and traffic were driven by mobile phones and tablet use, which accounted for 46% of all Black Friday online traffic.

Walmart racked up more than 500 million Thanksgiving page views, surpass only by the retailer's Cyber Monday traffic last year. ChannelAdvisor, which tracks retail data, said Amazon also was a big winner, with sales up 26% from last year. Electronics retailer Best Buy's website crashed for about an hour Friday morning due to a "concentrated spike in mobile traffic,'' said spokesman Jeff Shelman.

Major news sources were full of advice such as this Tablet Buying Guide from USA Today being one example.

And we’ve only just begun. Cyber Monday is next, and here are a few Cyber Monday online guides:

1)      Engadget’s Cyber Monday 2014 Roundup

2)      ABC News’ 7 Super Cyber Monday Travel Deals – Who says special online codes can’t really lower prices?

3)      CyberMonday.com - There are even websites that totally focus on special Thanksgiving weekend cyber deals.

Avoiding Online Scams This Holiday Season

So how can you be safe in cyberspace while you are saving money?

My first tip for safe online shopping flows from name recognition. Simply stated, know who you’re dealing with. This means ensuring that web addresses that you are connecting to are, in fact, actually the companies that are reputable and the names you trust. Reputation matters even more online, so make sure that the web address (URL) is safe and actually goes to the website for the company you know.

The corollary to this tip is that deals that seem too good to be true, from companies that you’ve never heard of, should be treated with suspicion.

USA Today offers these tips to shopping safely online. Three of my favorites include:

Phone facts: Your bank will never call and ask you to give them your account information. But scammers do. T

Wherefore your Wi-Fi: It's tempting to make use of free Wi-Fi when you're out and about, but be cautious. Sometimes it's the store but sometimes it's cybercriminals providing the service. When in doubt, check and make sure the Wi-Fi really is set up by the business you're in.

Check you card: If you can, use one credit card for all your online purchases, so you can easily see if there are charges for items you didn't buy.

McAfee (now Intel Security) offered these 12 Scams of the Holidays back in 2009, but they still apply today. The first two are:

-       Charity phishing scams:
Knowing that consumers like to give this at time of year, hackers send out fake emails requesting donations that appear to be from legitimate charitable organizations. However, these emails usually link to phony websites that take your money without passing it along to a good cause.

-       Holiday e-card scams:
More and more people are sending holiday e-cards instead of regular cards because they are convenient and “environmentally green.” Cybercriminals will send you an e-card, asking you to download an attachment to pick up your card. However, the attachment isn't really an e-card—it's malicious software ready that installs on your computer without your knowledge and wreaks havoc.

Politicians getting involved

The online scam problem is getting so important, even politicians are getting involved. CBS News in Baltimore reported:

Representative Elijah Cummings and Senator Elizabeth Warren sent letters Thursday to 16 different banks, demanding answers about recent data breaches. On that list–Bank of America, Citigroup, PNC and Wells Fargo.

“Folks can rob a bank of more money with a cyber attack than walking in the door with guns,” Cummings said.

The goal is to figure out the extent of those recent breaches and what protections–if any–they’re putting in place….

Cummings expects to hear back from that list of banks by early next week. Cummings also sent letters to retailers and other companies, including Home Depot and Target.

 After Buying: Bring Your Own Presents to Work, Or Not?

  Another, less talked about issue involves millions of Christmas presents showing up at work on company networks – both before and after Christmas. Public and private sector technology infrastructure teams need a plan to deal with this annual challenge, expecting the onslaught to begin every Cyber Monday and not end until mid-January. Security teams need to prepare in advance. (I have even seen Cyber Monday shopping impact operational work networks in places where Internet connectivity is poor.)

While many businesses have implemented bring your own device to work (BYOD) policies, many still do not have these important policies.  Even where BYOD policies are in place, angst still exists for many staff regarding personally-owned devices.

Though BYOD programs were instituted to ease tensions between employees and their companies, it turns out there’s still plenty to go around, particularly when it comes to security and privacy. Almost half of American workers said they would stop using their personal devices for business if their employer required them to install a specified security app, according to a July report from Harris Interactive, a market research firm, and Webroot, a cybersecurity company. Worries included employer access to personal data, the wiping of personal data in the event that a device is lost or compromised, the tracking of one’s location, and reduced performance due to the additional software running in the background.

Some Final Thoughts

It’s never too early to think about what your organization could do different next year.

Here’s a new idea for 2015: Governments could get into this Cyber Monday excitement. How about: Pay your friend's back-taxes (as a Christmas present)- with 10% off the normal bill. 

Or, get you campground reservation for $20-off on a $100 purchase.

Or, donate to various social services for the less fortunate.

There are literally hundreds of services that governments could sell online that should participate in Cyber Monday buzz.

It just seems like a matter of time before federal, state and local governments get into the Black Friday and Cyber Monday selling scene.

What are your thoughts?

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.