Published: November 28, 2020 on our newsletter Security Fraud News & Alerts Newsletter.
You want to go shopping this holiday season, but you may be a bit wary of diving right into the whole online shopping madness and fear theft of your payment card or other confidential information. This fear is not unjustified at all. In fact, Black Friday and Cyber Monday have traditionally been the least safe for shopping when it comes to phishing scams and fraud.
Even though the Saturday of Thanksgiving weekend is a popular shopping day, the number of phishing attacks actually has historically decreased on what has been referred to as “Gray Saturday.” And with so many people still staying home a lot and working from home, shopping will likely happen even more-so on the Saturday after Thanksgiving weekend this year, which is believe it or not, right around the corner. After all, it’s likely every day will be cyber Monday for a while.
Yet, the name isn’t because the scammers take weekends off that the numbers are lower on that particular day of the year. It’s actually because people who traditionally work in offices and use email as a regular communication method at work generally take off weekends from their offices. Therefore, they are not sitting at their desks shopping for sales on Saturday and Sunday and are less vulnerable to phishing lures. They are not clicking attachments or links that they may receive in their work email accounts, which are the targets for phishing scammers these days. But wait! This may change this year.
Whether it’s officially allowed or not, employees do use work computers for personal tasks on a regular basis. In a “normal” year, by not being in the office on Gray Saturday, the risk of being scammed by phishing is lowered. However, this year, the theories that are typically prevalent just may not hold quite as true.
While taking advantage of Gray Saturday, and all other online shopping days in this year of…craziness, remember the cyber secure guidelines:
Don’t click on links or attachments arriving in email from unknown senders or that are not expected. This is wise whether you’re on your work computer or your personal device of any kind.
Don’t shop using public or unsecured Wi-Fi networks to send sensitive information. While normally, this might happen more often, in this pandemic age, sitting in a café to shop likely won’t be so common. However, sitting outside for a bit, sipping a warm beverage on a cool day while doing some shopping on the café’s WiFi may certainly be an option. But just hold off till you get home to put in any payment information or other personal details.
Make sure you trust the websites you’re using for shopping. Look for the secure website indicators such as the lock icon, the “https:” in the address bar, or the green text.
Don’t click ads. Those often take you to scam sites. Instead, hand type the address of the shop into your browser. Just be careful not to make mistakes in the names. Domain jacking is likely to be common during the season.
Even better, use previously bookmarked websites that you know and trust.
Don’t fall for emails asking for personal details to be entered into a form or after clicking a link, especially for your financial accounts or other accounts that have a lot of personal information. Go directly to your online accounts and verify information through there.
Make sure all your online shopping devices have anti-virus software installed and that it’s kept updated. Update all your online shopping apps as well.
Financial phishing accounts for nearly half of all phishing attacks and scammers are taking advantage of events like Black Friday and Cyber Monday, and likely more this year, Gray Saturday. They are becoming trickier all the time and disguising messages as security alerts, financial institution “secure messages,” and even “you’ve been hacked” messages.
Take care this season when shopping from the comfort of your own sofa. Just use caution and it’ll be much easier to spread holiday cheer if you haven’t been scammed.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at firstname.lastname@example.org