Black Friday and Cyber ​​Monday: how to shop online safely

Come fare shopping online in sicurezza tra Black Friday e Cyber Monday thumbnail

Black Friday discounts are particularly attractive for online shopping, but the flow of online purchases also attracts many cybercriminals. Here are some tips to protect yourself.

Black Friday and Cyber ​​Monday: online shopping yes, but safely

Another year, another Black Friday and other opportunities that i cybercriminals they can exploit. The appointment with the online shopping season for 2021 poses new and greater challenges. Shoppers will rush to highly sought-after items that may be in short supply on e-commerce platforms. Both consumers and retailers must therefore pay particular attention to offers. Some may be too good to be true: on these occasions, cybercriminals could in fact acquire sensitive information and take advantage of their victims.

Before using credit cards to make a payment, it will be good to evaluate the platforms on which you intend to navigate. Cybercriminals have been waiting for this moment all year round and are ready to launch attacks wherever they have the opportunity to do so. From phishing scams to illicit apps, cybercriminals patiently wait for unsuspecting shoppers to fall into their traps. For this reason the best way to reduce the risk is stay alert. To be sure to offer you the right advice we have relied on the experts of Fortinet, so here’s what you need to be careful of.

Common threats in vista del Black Friday

  • Public WiFi: Using a private network to shop at home is one thing, but before shopping online using a public WiFi connection from a coffee shop, mall, or grocery store, you’d better think twice. Cybercriminals enter these networks more frequently to intercept data. They can also settle in public areas, broadcasting hotspots labeled “Free Public WiFi” which can be used to capture traffic moving between the device and an e-commerce site (or any website, actually). Avoid public WiFi if possible, unless you have a secure VPN connection or a reliable network.
  • Fake e-commerce sites: During the holidays, many fake shopping sites are created, designed to lure consumers and entice them to release personal or credit card information, offering unbeatable offers or promising access to hard-to-find items that, in reality, they do not exist. When visiting an e-commerce site for the first time, it is good to verify its legitimacy before proceeding with the purchase, by reading the reviews on the internet, making sure that the company has a physical address and a telephone number, and staying away from the sites that require direct payments from the bank, wire transfers or gift cards as a method of settlement.
  • Credit card skimming software: skimmers can also be found online. Point-of-sale (POS) RAM scraping malware is becoming more prevalent among cybercriminals. First, attackers must gain access to a point-of-sale system, such as an app cart. They then infect the host with malware designed to steal credit card information from the source. The transaction continues, but all credit card information is collected. It’s not always easy to avoid credit card skimmers, but most large retailers use various measures to prevent them, such as a web application firewall.

New threats to watch out for

  • Malware web-based: Consumers should beware of suspicious websites or advertisements that lead them away from any sites they are browsing or that lure them with enticing offers. In some cases, a short visit to a malicious webpage is enough to infect your device.
  • Attacks on IoT and Routers: Although not directly related to Cyber ​​Monday, exploit attempts against consumer-grade routers or IoT devices are constant. Many people continue to work remotely, which is why it is good to update the devices or other technologies used at home. Network security should always be considered before shopping. Cybercriminals could employ reconnaissance hacks techniques. By doing so, they could discover the passwords for the corporate WiFi network or the login credentials for automatic online purchases.
  • Online services hijacked: Cybercriminals continue to target streaming platform accounts, often stealing information and putting it up for sale on Dark Web black market sites. It is good to monitor usage remotely, paying attention to warnings of unknown access to the service. subscription. It is also advised to contact the provider for suspicious activity.