We’re a couple of days away from Black Friday 2018, and this year is shaping up to be a big one. With local consumers scrounging around for the best deals, it’s online shopping that will be a prime target for cybercriminals, with new tactics being deployed in order to exploit unsuspecting South Africans.
To offer some insight, as well as a few tips, Brian Pinnock, cyber security expert at Mimecast MEA was weighed in on this year’s Black Friday and how to remain safe.
Good news and bad news
“There’s good news and bad news for Black Friday shoppers this year. The bad news is that cybercriminals are using new tactics that make it harder to spot fake deals. The good news is that with robust cybersecurity awareness training, an understanding of the new attack methods and sophisticated email security systems, consumers can protect their money and personal information, and businesses can better protect their sensitive data and systems,” explains Pinnock.
According to the expert, he often tells consumers that if a deal is too good to be true, it often is. When it comes to Black Friday though, and the aggressive price cuts that retailers often announce on the day, it becomes a bit harder to discern the difference between a great deal or phishing scam.
“For one day a year (23rd November this year), retailers take advantage of consumers’ appetite to spend by offering “loss leader” deals, which they advertise broadly on email and social media. The purpose of these offers is to entice shoppers to retailers’ sites and stores and convince them to buy more than the too-good-to-be-true TV for R500. And cybercriminals know and take advantage of this,” says Pinnock.
What to look out for
When it comes to staying safe from phishing attacks during Black Friday, Pinnock adds that much of the conventional wisdom around cyber security no longer applies on this day.
Things like the green or black padlock on website urls, or the “s” in the https, cannot be trusted in the same way they were previously, for example.
“That’s because cybercriminals can create or buy a real security certificate for their fake website in minutes,” adds Pinnock.
When it comes to things to look out for, the Mimecast security expert points to five things in particular.
Spelling errors in emails is one, with scammers often including them to weed out smarter consumers from those who are easier to con. He also advises against clicking on links within emails, and rather entering the address directly into your browser. It’s also a good idea to check out the sender’s address, as a major retailer will not send you mails from a Gmail account.
Pinnock also advocates for using different passcodes for different online services you utilise, as well as implementing some sort of two-factor authentication process for your online payments. Another helpful tip from Pinnock is creating a new email address when signing up for Black Friday deals, and not using your work or private address.
Overall he advocates for keeping a high level of suspicion, as we’re always more likely to get caught about by a scam or phishing attack when our guard is down.
“Think of Black Friday emails as you would Black Friday crowds outside Checkers. When you’re distracted by the pushing and shoving, you’re not likely to notice the pickpocket until he’s made off with your wallet,” concludes Pinnock.[Image – CC 0 Pixabay]